[ Important ] Buyer still using my work after order cancellation!

[Guest offlinehelpers]

How can one find out if there is a backdoor on a site? There must be a way to check. Otherwise no one who buys a site would be safe. Occasionally being a frequent forum visitor pays off. This is one of those times.

It would depend on how it was setup I suppose. Without knowing that, as an amateur like me, it would be almost impossible - unless you know a good hacker I suppose. That’s what makes this whole thing so questionable (chose questionable as it was the least bad of the descriptions I had in my head at the time 😦

[misscrystal]

It’s been a long time since I had a site but as I recall, there was a different type of file you could put all the site files into that would be safe. There were also places where you could specify specific people to have access to a site at all times no matter what.
It was a “root file” or something and you really had to know where to find this file, and how to change or modify it. Of course you had to know how to read and write code.

[nikavoice]

How can one find out if there is a backdoor on a site? There must be a way to check. Otherwise no one who buys a site would be safe. Occasionally being a frequent forum visitor pays off. This is one of those times.

Do a quick YT search, you’ll find a bunch of tutorials and such.

[catwriter]

Well done to the OP - his whole story has put me off ever hiring anybody to do my websites. They might look like a 5 year-old did them, but at least I know it’s my own work, and nobody’s put in any little ‘surprises’ for me.

Well done to the OP - his whole story has put me off ever hiring anybody to do my websites.

If I ever decide to hire someone to build me a website, it will be someone I know in person, not someone from the other side of the planet.

And it’s already a few of us just on this topic saying something like this, so well done to the OP, indeed, he just managed to harm the businesses of many website developers offering their services on Fiverr.

So guys can think whatever you want i am not here to prove my self right i just wanted to gave deveopers a tip to develop website on own domain first

Just that, or to create a backdoor, too?

people just need topic to criticize on forum

If it looks shady, or if it scares people who were thinking about getting their own websites, yes, they will criticize it, try to figure out what really happened, and try to find a way to protect themselves.

[sajedulshawon1]

thank god i’ve added backdoor the time i smell something wrong

How does that work? Don’t you need access to the server?

For example a restaurant , where you have the Front-area ( main hall where the “customers” dine ) , and you have the Back area ( kitchen, Storage, Office ) where only the Employees venture

More clearly I have an website

this is the front end where you just see the content that I want to show you

and this is back end where I can edit everything and change everything of my site

He still have access of this back end

[uxreview]

This is actually a good post to show when buyers ask why my prices are higher.
It’s called honesty tax 😃

[Guest offlinehelpers]

For example a restaurant , where you have the Front-area ( main hall where the “customers” dine ) , and you have the Back area ( kitchen, Storage, Office ) where only the Employees venture

More clearly I have an website

this is the front end where you just see the content that I want to show you

Frontend.JPG1356×618 83.9 KB

and this is back end where I can edit everything and change everything of my site

Back end.JPG1364×609 75.3 KB

He still have access of this back end

That is indeed the backend, but not a backdoor! 😉

That’s just a Wordpress Dashboard.

[uk1000]

If the buyer is really using what the seller has created even after cancelling, the buyer should be reported to CS (which has been done), but also maybe the site could be reported to Google (if it’s breaking some law like copyright eg. in the design (which would still belong to the seller)).

But also, adding a back door like described and using it (especially when you no longer have permission from the site owner to access the site) is illegal isn’t it (ie. unauthroised access to a computer system) - at least in some parts of the world if not all?

[misscrystal]

Sites are built by developers all the time without them having a way to hack into the site once it’s live so there must be some way to prevent this.

[nikavoice]

A rogue developer could do some major damage. Since you’re in the 🇺🇸 when I’m concerned about certain things. I ring ☎️ my local FBI to have a chat.

[pacquo]

It’s been a long time since I had a site but as I recall, there was a different type of file you could put all the site files into that would be safe. There were also places where you could specify specific people to have access to a site at all times no matter what.

It was a “root file” or something and you really had to know where to find this file, and how to change or modify it. Of course you had to know how to read and write code.

as I recall, there was a different type of file you could put all the site files into that would be safe.

Most likely you’re remembering the .htaccess file of an Apache web server.

This file can be used to limit or deny the access to certain files or folders from the web.

It serves also for other purposes, for example URL rewriting or URL redirection.

Most CMS are shipped with their own .htaccess file.

But that is not the tool to solve the problem in question.

The real control of a machine happens at OS level and implies having root privileges.

With them everything is possible; from reconfiguring the firewall to configuring critical services like SSH, eventually on a non-standard port.

These activities leave traces, though.

On a Unix system, for example, at least in files like kern.log, syslog, and auth.log.

The problem becomes serious when the kittens hit the fan, because the ToS of almost all hosting services state that the owner of the VPS (or of the hosting plan) is liable for misconduct if it is proved a mishandling of the credentials used to access the server or the account.

At that point the matter is not always taken lightly.

[orcatek]

If you provided graphics, that you created, you can use DMCA takedowns. If client ignores, go to hosting company.

[samiahmed321]

Fiverr Customer Supports Really helps you in that case it’s my personal experience .