Expert Security Audit Of Our Magento Webstores

£20-250 GBP

Imeghairiwa

Imechapishwa

almost 8 years ago

£20-250 GBP

Kulipwa wakati wa kufikishwa

We have a Magento based website that we recently upgraded to Magento ver. 1.9.2.4 We have been made aware of a major vulnerability in Magento by our host and they identified some suspicious files on our server. We have tried to get rid of these files but want a Magento web security expert to have a look at our websites and make sure they are patched up correctly and contain no harmful content. We are not looking for someone to just install latest patches etc, so please only bid if you have the tools to analyze website and backend to make sure everything is in order. We need someone who has the self initiative to test everything before marking project as complete. Happy Bidding. Following is the message we received from our host: The Magento community was alerted to a major vulnerability earlier this year by the Magento developers. A patch was released almost immediately upon disclosure, but many sites remain un-patched even to the present. This threat compounded in danger after the disclosure as there was a simple, pre-packaged 'hack' kit that was circulating that allows just about anyone with a modicum of technical knowledge attack any Magento site that was still vulnerable. Once the site was breached, this package would upload a series of files which were consistently named and easily detected. Our initial scans for these files were what we received hits on, hence this notification ticket. Regardless of the technical knowledge needed to initiate the hack, once the hacker or script-kiddy was inside, they could install backdoors (such as the infamous 'WSO Shell', be very careful Googling that) to allow them to pursue additional nefarious activity if they wished, which is why you should always scan for files that contain suspicious looking encrypted or obfuscated PHP code. Your developer or contractor will know what I'm referring to.

Kitambulisho cha mradi: 10709852

Kuhusu mradi

34 mapendekezo

Mradi wa mbali

Inatumika 8 yrs ago

Unatafuta kupata pesa?

Barua pepe

Faida za kutoa zabuni kwenye Freelancer

Weka bajeti yako na muda uliopangwa

Pata malipo kwa kazi yako

Eleza pendekezo lako

Ni bure kujiandikisha na kutoa zabuni kwa kazi

34 wafanyakazi huru wana zabuni kwa wastani £202 GBP kwa kazi hii

@sapotacorp

Hello sir. Could you let me know what's your website? I'm a magento expert with 8 experience years. i have developed more than 200 magento sites. I have finished similar project about installing latest patches for magento 1.9.2.4 in the last project. I'm very fluent with magento 1.9.2.x. I can start immediately and provide hight quality work. Let's contact me to discuss further details. Thanks for reading. Q

£143 GBP ndani ya siku 3

5.0

(791 hakiki)

8.4

@bojanpc

Hello there, I can check your Magento website files, and remove all the files that came with the malware. The malware usually creates a lot of files, in different directories and in some cases they are overwriting the Magento core files (for stealing customer information, cc details etc.) The procedure to clean in up is to compare the website with the same version that you have, and see if the core files are changed, or if there is a modifications on un-usual places. Also there are extensions that are allowing managing with the files and directories, you might have additional admin users that you don't have created. Please let me know if you are interested, I can help you out to have a clean website, and build a system to stop further malware modifications on the website files. Looking forward to hear back from you. Best Regards, Bojan

£263 GBP ndani ya siku 5

5.0

(230 hakiki)

8.4

@musashi42

Hi, I'm very interested in Your offer. I have over 10 years of experience as system admin for both windows and linux based systems. I also have over 10 years of experience in the field of security testing and security fixing. I know all about popular vulnerabilities:xss, sqli, rfi/lfi, csrf, owasp top 10 and more. I also know how to test for vulnerabilities in various web cms(wordpress, drupal, joomla, magento, and others) including php apps and custom cms. Other than webapps, I also know how to test servers for security. I have done website security testing, penetration testing and security fixing in the past. For more regarding my previous work please check my profile. For reference, I am Certified Vulnerability Assessor and have CVA certificate from mile2 attached in my profile page. So, choose me and I can promise You that I'll complete this project on time and to Your standards; however, I'll need more details(as in website address and similar) so I could assess the scope of work and adjust my bid accordingly if needed. Thank You for considering my bid and I'm looking forward to Your reply. Cheers.

£250 GBP ndani ya siku 3

4.9

(55 hakiki)

6.7

@nirmalkirpa

Hi, You got Magento expert here. I have gone through your project description and would like to work with you. I have 6years of experience in developing and customising Magento shops. I have done approx 100 Magento sites and module. You can visit my profile to get idea of my expertise in Magento. See all projects done are in Magento with good reviews and ratings and see repeat hire rate by employers too which tells story of job satisfaction from my side. I'm looking forward to hear from you. Thanks

£222 GBP ndani ya siku 3

5.0

(55 hakiki)

6.0

@arfharwinder

Hi, I can audit security of your magento webstore within few hours and harden its security. I have fixed 2k+ sites from security issues successfully. Thanks, Harwinder Kumar

£90 GBP ndani ya siku 1

4.9

(143 hakiki)

6.2

@bestworkontime9

Hello, I understand your requirement and have experience to do this type of work. I assure you that we complete your product on time with quality. Please check your Private Message Box for more details. Thank you, Govind sharma

£150 GBP ndani ya siku 3

5.0

(32 hakiki)

5.8

@metaexcel

Hello Sir, I will go through your whole server manually. My experience says that If one infected file exists on your server then it will infect your whole server. So I need to check each file and folder manually. I will also check your SQL file because I have found malicious script or suspicious script in SQL file many times. Thanks

£150 GBP ndani ya siku 5

5.0

(44 hakiki)

5.2

@slimhack

Hello, I can do full penetration test on your store, and report/fix any issue found, including SQLi, XSS and other server related vulnerabilities About me: Linux System Administrator and RHEL Certified Engineer, Security Specialist, Offensive Security Certified Professional. Skills: 1. Administrating Linux Based Servers 2. Penetration Testing with Kali Linux 3. Securing and configuring Webservers and Databases 4. Nginx, Apache and Varnish set-up and optimization 5. Installing Server and Client side software/Add-ons 6. Bash (Unix Shell) Coder

£200 GBP ndani ya siku 1

4.9

(34 hakiki)

5.4

@developmenttask

Hi, I HAVE READ YOUR PROJECT - Expert Security Audit Of Our Magento Webstores I am very interested in your project and ready to start it immediately. Please visit my profile https://www.freelancer.com/u/developmenttask.html for my previous top quality work and feedback. I will deliver you project within your time limit without any delay. Regular updates will be provided. I am here for long term work relationship from my end so that you consider me for future job :) I will make sure you get satisfied with my work even if it require many correction or changes. Regards Aarti

£100 GBP ndani ya siku 5

4.9

(11 hakiki)

3.9

@mohitjasuja

Hello, Greeting !! I am Magento expert , having 5 years of experience in backend development, theme & plugin development, integration etc. I have gone through the details. Its issues come from the backend due to security patches and some files conflicting. So i need to analyze your store backend it will take few days. few steps i will apply in your store i.e. 1. Backend code analyze. 2 all remove malware's and cashes 3. Repair all corrupted files 4. Reinstall all security patches 5. Optimize the store It will take 2-3 days to complete the task. So let me know what suitable time you are available here. I am ready to start it right away. Thanks Mohit

£200 GBP ndani ya siku 4

5.0

(7 hakiki)

1.9

@khanmahmudcse

Hi, I’m dedicated professional Web and Desktop Programmer & Developer and also Team leader of my company. I have been working with challenge and hope to improve future plan with good network every client. If any client want to get more faster job services with save time I am ready to work. I can ensure that I’ll complete each instruction within time frame even more faster. I am available everyday to work more than 12 hours. I can ensure that I'll complete each instruction within time limit with daily update on server. I am ready to work and I hope I'll get permit to prove my experience. Thank you

£150 GBP ndani ya siku 3

0.0

(0 hakiki)

0.0

@Clicsource

Benefits 1. Certified Ethical hackers and Security testing experts on diversified testing practices. 2. Determine the application security by the help of tech-savvy users under different permutation and combinations before releasing the product to the end users. 3. Security Testing is highly secure, we follow strict policy and maintain confidentiality and privacy for our client projects. 4. Security Testing can be done on any kind of applications (Web, Enterprise, Mobile and Standalone) 5. Our resources achieve short-term technology goals, cost-effectively and rapidly. 6. Multi domain experienced testers. 7. Our application security testing framework is flexible and easy to customize as per client requirements. 8. On demand availability of testing experts and software test engineers. Achievements 1. Our Security Team represented India in Global CYBERLYMPICS 2013 finals 2. 2014 Regional Runner-up out of 120 teams from ASIA

£222 GBP ndani ya siku 7