You can also check if there is any admin accounts created by them inside your wordpress website. Also, make sure to check your hosting FTP accounts / passwords – or just delete those FTP accounts if you don’t need them.
This should prevent unfortunate things from happening.
Hope this helps.
Yes, I found an admin account and thus prompted me to ask.
Could you elaborate on hosting FTP accounts?
If you are using CPanel, you can login to your hosting and go to ‘FTP Accounts’. FTP account allow users to upload and delete files in your hosting. So it is better to check if there is any account created by your ex-developer.
The following is some readup on ftp accounts in Cpanel – https://documentation.cpanel.net/display/78Docs/FTP+Accounts
Hope this helps!
Thank you for that! I’m seeing quite a few accounts. How do I know if there is one that is vulnerable?
They all say, ftp.*website name*.com
You can delete them all if you do not need to access your server via FTP =)
I have no idea if I need them or not. Could he be hosting pictures off of the site and once the FTP is deleted, would they essentially be deleted?
Deleting FTP accounts will not affect the current files in your server.
Just a side note, when deleting ftp accounts, you will be asked to delete the associated directory – do not delete the associated directory, just delete the ftp account.
- This reply was modified 5 minutes ago by websprout.