Total Posts: 791
all you have to do is - configure a copy of your site in test sub-domain.
test database and test user only for this database.
without any payment information, or customer details, etc…
then configure chroot vsftpd and chroot/limited shell if needed.
developer will work on test domain, and only in test folder.
when job completed, you can move new/edited files to your production folder, where you only have access to.