Expert Security Audit Of Our Magento Webstores

Cancelled Posted 7 years ago Paid on delivery
Cancelled Paid on delivery

We have a Magento based website that we recently upgraded to Magento ver. 1.9.2.4

We have been made aware of a major vulnerability in Magento by our host and they identified some suspicious files on our server. We have tried to get rid of these files but want a Magento web security expert to have a look at our websites and make sure they are patched up correctly and contain no harmful content.

We are not looking for someone to just install latest patches etc, so please only bid if you have the tools to analyze website and backend to make sure everything is in order. We need someone who has the self initiative to test everything before marking project as complete.

Happy Bidding.

Following is the message we received from our host:

The Magento community was alerted to a major vulnerability earlier this year by the Magento developers. A patch was released almost immediately upon disclosure, but many sites remain un-patched even to the present. This threat compounded in danger after the disclosure as there was a simple, pre-packaged 'hack' kit that was circulating that allows just about anyone with a modicum of technical knowledge attack any Magento site that was still vulnerable. Once the site was breached, this package would upload a series of files which were consistently named and easily detected. Our initial scans for these files were what we received hits on, hence this notification ticket.

Regardless of the technical knowledge needed to initiate the hack, once the hacker or script-kiddy was inside, they could install backdoors (such as the infamous 'WSO Shell', be very careful Googling that) to allow them to pursue additional nefarious activity if they wished, which is why you should always scan for files that contain suspicious looking encrypted or obfuscated PHP code. Your developer or contractor will know what I'm referring to.

Audit Internet Security Magento Web Security

Project ID: #10709852

About the project

34 proposals Remote project Active 7 years ago

34 freelancers are bidding on average £202 for this job

sapotacorp

Hello sir. Could you let me know what's your website? I'm a magento expert with 8 experience years. i have developed more than 200 magento sites. I have finished similar project about installing latest patches for mage More

£143 GBP in 3 days
(791 Reviews)
8.4
bojanpc

Hello there, I can check your Magento website files, and remove all the files that came with the malware. The malware usually creates a lot of files, in different directories and in some cases they are overwrit More

£263 GBP in 5 days
(230 Reviews)
8.4
musashi42

Hi, I'm very interested in Your offer. I have over 10 years of experience as system admin for both windows and linux based systems. I also have over 10 years of experience in the field of security testing and security More

£250 GBP in 3 days
(55 Reviews)
6.7
nirmalkirpa

Hi, You got Magento expert here. I have gone through your project description and would like to work with you. I have 6years of experience in developing and customising Magento shops. I have done approx 100 Magento sit More

£222 GBP in 3 days
(55 Reviews)
6.0
arfharwinder

Hi, I can audit security of your magento webstore within few hours and harden its security. I have fixed 2k+ sites from security issues successfully. Thanks, Harwinder Kumar

£90 GBP in 1 day
(143 Reviews)
6.2
bestworkontime9

Hello, I understand your requirement and have experience to do this type of work. I assure you that we complete your product on time with quality. Please check your Private Message Box for more details. Thank yo More

£150 GBP in 3 days
(32 Reviews)
5.8
metaexcel

Hello Sir, I will go through your whole server manually. My experience says that If one infected file exists on your server then it will infect your whole server. So I need to check each file and folder manually. I wil More

£150 GBP in 5 days
(44 Reviews)
5.2
slimhack

Hello, I can do full penetration test on your store, and report/fix any issue found, including SQLi, XSS and other server related vulnerabilities About me: Linux System Administrator and RHEL Certified Engine More

£200 GBP in 1 day
(34 Reviews)
5.4
developmenttask

Hi, I HAVE READ YOUR PROJECT - Expert Security Audit Of Our Magento Webstores I am very interested in your project and ready to start it immediately. Please visit my profile https://www.freelancer.com/u/ More

£100 GBP in 5 days
(11 Reviews)
3.9
mohitjasuja

Hello, Greeting !! I am Magento expert , having 5 years of experience in backend development, theme & plugin development, integration etc. I have gone through the details. Its issues come from the backend due to s More

£200 GBP in 4 days
(7 Reviews)
1.9
khanmahmudcse

Hi, I’m dedicated professional Web and Desktop Programmer & Developer and also Team leader of my company. I have been working with challenge and hope to improve future plan with good network every client. If any clien More

£150 GBP in 3 days
(0 Reviews)
0.0
Clicsource

Benefits 1. Certified Ethical hackers and Security testing experts on diversified testing practices. 2. Determine the application security by the help of tech-savvy users under different permutation and combinations More

£222 GBP in 7 days
(0 Reviews)
0.0