Freelancer threatening to hack my website

Well the fact your using wordpress would make it easier to hack.

He could also DDOS your site.

Probably just pay the freelancer the money you owe him?

DDOS attacks is what he really means or does he.

Update your core and plugins, remove any you dont need or use
Update your htaccess file to only allow your IP into admin
etc etc ....

May want to consider hiring someone to lock down your site which will only take an hour or 2 so in case or for future issues.

This is a weird scenario. I would contact the freelancer.com support to tell them what is happening.

To be honest I wouldn't interact with him. Probably just bluffing, but if you get him riled up he might go through with it.

DDOS = Denial-of-service attack - Wikipedia, the free encyclopedia
DDOS Protection = Home | CloudFlare | The web performance & security company

Is it possible that he can decrease the ranking of my website on Google? or BAN my website from Google?

SEO and all that is not my speciality. I would imagine if he could access to your website and place malware on it, google would then ban your site. Might want to post this question in the SEO section.

The guy is a bully looking for an easy buck. Just by adding a .htaccess file in the wp-admin directory that limits access to your own IP address or adding a lengthy password will defend you against most hack attempts (especially made by people who only write in CAPS LOCK )

Here's a good resource for learning a bit about htaccess Stupid htaccess Tricks | Perishable Press

However preventing DDOS attacks is more difficult, but is hardly worth the risk just for the sake of bullying. DDOS usually means that the attacker is highly motivated to stop your site from working. This is usually a form of activism. Even hackers who do this for money get paid for the hour of DDOS so again, there must probably be a bigger motive than bullying..

Reporting to freelancer seems like a dead end. Best they could do is ban account.

Update WP change your password and install wp security pkugin.

Mostly though. Its a hoax.

Looks like you got the items done, Backup site, update the core and plugins, change usernames and passwords. Def change your htaccess to only allow your IP into admin.

Stop all communications with him, then move on

All the above you would want to do even without this going on.

You can also set up the tracking (piwik or other visitor tracking system) on a page of your website (make a new one, one that didn't exist before) and send him a link telling him that you will pay him if he can help you to fix the error on that url and he will most likely visit it and then you have his IP address...
Then you can contact his IS provider and find out who he really is.
Just a thought... if it's not to complicated for you
In that case just threaten him and see if he stops talking rubbish.

For the question if he can hurt your site's serp the answer is yes. If he spams a lot of bad-neighborhood links towards your site. Than you can fix it by using Google disavow links. (I don't think he will spend time doing it, it is not a small job) He can also report you for spamming. You can also find out about that and fix that.

I personally think he's just trying to make you scared and get any bucks from you.
I think he wont do anything. If he knew what is he talking about then he would know that it will take him a lot of work to do any harm to your website.

Although, I had a many wordpress sites hacked and for the same reason I re-coded them all in php. No cms's no more.

Hope that helps.

Just report him to freelancer support and further more ignore him. Just a big bs bluff.. certainly don't start playing with him as Jeromero suggested. This is only a good idea if you are a bit better with computers.

And to answer the question; yes there exists something called 'negative SEO' which could harm your google ranking. However this costs $$ - $$$ to be effective and as him clearly not having any money don't worry about it.

The person is probably full of hot air.
Most hackers would hack first, threaten later.

I would just suggest to ignore him

If you get DDOS simply just sign up at cloudflare.com and you will be protected against DDOS for a small monthly fees.

Regarding banning in google, if it was really so easy to get anybody banned in google all businesses would simply have their competitors banned in google

Just ignore that kid and you should be all good, make sure no matter what happens just don't answer him, i'm into a hosting business where i've to deal with packet kiddies and hackers 24/7 and this is the only way to deal with them, just ignore them and these kids will probably leave you alone after some time

I hope it helps

Cheers

Thanks for your suggestions... well the site is not hacked yet! So I guess it was a big bluff....

Logic
A hacker hacks
So wouldn't he hack first (if capable) and ask for money to remove hack?
I would ignore him

Just ignore. All just hot air. As guys said before - hack first, demand later.

Also - report it to freelancer as they do take it quite seriously.

Trust me if were going to hack you he would have already done so.

Ignore him or better still see how dumb he is and ask for his paypal or other payment method and report him

As a freelancer myself, I think that the "hacker" isn't really a hacker. It's just a person who worked hardly to create something and in the final, the client "forgot" to pay him. I would do the same thing if someone plays with my work. Because its not fair that someone take advantage of the work done without paying a dime, isn't?

Hi,

In the event you do get a DDoS attack, since some folks have already mentioned CloudFlare, we do have some helpful tips for dealing with a DDoS.

I agree on signing up for CloudFlare as well. Even the free version will offer some protection, the paid version specifically reroutes around DoS attacks. He'll think he's "taken you down" when really he's just attacking a CF caching server. And they do an excellent job of tracing and locking guys like this out.

If this is a person you owe money to, pay him what you owe and move on. If not, then ignore him... don't reply with a yes or no, just don't reply at all. They will move on.

It all depends where your website is firstly,If you dont want to be scared dont use the internet,though that is a bad aple since not all programmers are like that,you just need to chill out and start hang out with the big boys