Hey there folks, I need some advice here.
I recently bought a premium plugin from envato and to solve an issue, the developer asked for an admin user to be created. I was hestitant at first but I couldn’t solve the issue myself. I noticed many others were also doing the same and since my website has so few users, it should be harmless to grant acccess.
So I did, but after a few days, the developer wasn’t able to solve the issue and asked me to hire a PHP guy. So now I still have the issue but my bigger concern is on security.
My question is, is there a risk granting a plugin developer admin access to my website? Or is this a common practice? I have already deleted the admin user but should I do additional checks? What do I need to check? Is there a plugin to easily check for backdoors?
Thanks all!
[ad_2]
Hello there,
as someone who worked over Fiverr for WordPress Websites i can guarantee you that it is totally normal to grant admin rights to developers BUT:
-Always do a Backup first without a Backup do not let him work there
-He can’t really mess that much up after his work check your Plugins/Themes/Pages/Posts and if all is fine your good to go.
-If you found something weird you can always go back to your Backup.
-After that delete the Account.
I hope this helped you!
Wait what kinda developer did you hire? He doesn’t know PHP???
Someone selling a service / plugin isn’t going to ruin their reputation by messing with your website (99% of the time), so yes just provide admin access to developers if you’re wanting them to help you.
Simply create their admin account, provide them with the login details, and then when they’re done remove the account.
You don’t need to do additional checks, unless you have a reason to suspect them of wanting mess with your site & ruin their reputation (but if you have a reason to suspect them of doing this, why let them work on your site in the first place…).