How to safely remove php code from website?

Question

I'm far from being a coder so I may be completely wrong about this but was told that StackOverflow was the place to come about this type of question.

I had a developer create a website for me about 6 months ago and was going through some of the code and found this in the config file a couple weeks ago:

$config['site']['is_admin_settings_enabled'] = true;

if ($_SERVER['HTTP_HOST'] == 'dummysite.com' && !in_array($_SERVER['REMOTE_ADDR'], array('234.42.424.22', '353.234.22.22', '42.43.553.34', '235.2.233.2', '523.244.22.3'))) {
    $config['site']['is_admin_settings_enabled'] = false;
    $config['site']['admin_demomode_updation_not_allowed_array'] = array(
        'pages/admin_edit',
        'pages/admin_delete',
        'users/admin_change_password',
        'users/admin_send_mail',
    );
}

I haven't been able to get in touch with the freelancer who created the website for me, but it looks like some type of callback to his website. Now I normally would wait a few more weeks before posting a question like this publicly, but his domain expires in three days and I'm concerned that if this is some type of callback or licensing he's built into the script, then it could cause my website to stop working when his domain expires.

Is there any way to safely remove this or make it so that his domain/IP isn't called?

Answer 1

The expiring domain will not effect your website, but it would be a good idea to understand what exactly did he implement and make sure there's no "back-door" to your web-site!

Answer 2

This looks like a whitelist of IP addresses that are allowed to perform admin duties. It doesn't look like anything will suddenly stop working based on that snippet of code, just that only certain IP addresses will be able to have admin privileges.