The freelancer I'm working with has changed the login credentials to get into my wordpress admin page thus locking me out for the second time. This is a fixed price contract.
When I try to login I get a 404 page
I went through the TOS and wasn't able to find a reference for this although It seems like it would be against the policy of Upwork.
Can someone here give me advice as too the best way forward.
There is no specific rule in Upwork ToS that prohibits a freelancer from changing login credentials for back-end systems.
It is unusual. It may very well be a problem for you. But it is not an Upwork ToS violation per se.
I have seen situations in which project owners needed help to restore websites that they had messed up through their own experimentation and mistakes, and they hired experts to help them, and those experts had to change the credentials to lock out the project owner temporarily in order to get the job done.
Having said all that... the freelancer you hired may be a scoundrel, a criminal, a scammer, a saint, a top level professional, or the saviour of your project. I don't know.
If you didn't want the freelancer to lock you out of your own back-end server, then you may have a problem. The next step for you would be for you to communicate with the freelancer and ask him why he did that. Obviously Upwork doesn't have the back-end credentials for your website, so there is not much that Upwork can do for you.
Another important point...
You mentioned that this project is a fixed-price project.
If you hired the freelancer to create something for you (including a website), and you have not paid the freelancer for that work, then the work product still belongs to the freelancer.
So if the freelancer is in the middle of creating a website, and that website has not yet been paid for by your releasing payment to the freelancer, then technically the freelancer owns the website, and it is his right to change credentials on the site whenever he wants.
If the freelancer changed credentials without consulting you, I consider this very unprofessional behavior. It is not something I would have done. I believe the freelancer should provide you with all the work he is creating on your behalf, unlocked, fully accessible, before requesting payment.
But Upwork's rule is that work belongs to the freelancer until the work is paid for.
None of which is so clear-cut if the freelancer was working on an EXISTING website and not creating something for you from scratch.
If that's the case, then the freelancer's actions are even more unprofessional and unwarranted.
But, as Petra suggested and as I mentioned in my previous post, the next step is to contact the freelancer and ask what is going on.
As Petra and Preston suggested, you should first request an explanation from the freelancer but unless the site has a plugin that locks the login page after numerous failed logins, there shouldn't be a 404 error. A 404 during login usually occurs when the site's broken and if so, hopefully that wasn't done deliberately. Finally, if you can see the login page, you should be able to reset the password yourself by clicking the "Lost your password?" link, provided the freelancer didn't go to the trouble of changing the email address associated with your username.
@Cid L wrote:
The freelancer I'm working with has changed the login credentials to get into my wordpress admin page ...
When I try to login I get a 404 page
Hi Cid L,
If you get a 404 page, that doesn't mean your freelancer has changed the login credentials. 404 means the page doesn't exist. There is a possibility of changing the login permalink (/wp-login.php) or dashboard permalink (/wp-admin/) thus you're getting 404 error. We, WP developers usually hide login permalink for security purpose and to prevent from brute force attack.
Talk to your freelancer about the issue and you'll find the right answer.
"I'm silently judging your font choice."