Investigate & Fix Website Breach

@kchoudhary95

With a solid 7+ years of web development experience, I have refined my skills to address and resolve complex challenges like the breach you're facing. Linux is one of my area of expertise which helps me in effectively identifying and addressing security vulnerabilities without having full SSH access like in your case. I can provide you with a complete forensic report that will outline not only where the breach may have occurred but also an overview of the steps I took to rectify the issue, this along with hardened configuration will ensure that your website remains safe post-cleanup. Moreover, in addition to bug fixing and optimization, I specialize in creating secure REST APIs – essential for not just blocking intrusion but also employing any third party integrations. Lastly, clear communication is at the forefront of my service delivery process - it's how I manage to maintain 5-star client feedback on over 130 successful projects. My services do not end with project completion - if chosen for this project, I assure ongoing support and even provide you with a final security checklist for effective long-term maintenance. You can count on my skill-set and dedication to get your website back under your control and operating securely. Let's discuss further.

@webperfection123

Hi, I can perform a complete sweep of your site using FTP, identifying and removing malicious files and scripts while patching any vulnerabilities. I’ll ensure that every trace of the compromise is eradicated and that your site is hardened to prevent future breaches. After that, I’ll provide you with a detailed root-cause report and a security checklist for ongoing maintenance. With over 9+ years of experience in PHP development and security, I’m confident in tackling these challenges effectively. Let’s get your site secure again! Best Regards, Priyanka

@raphaelokekeze

Hello, I'm Raphael, a web designer/developer with over 13 years of experience. I've read through your project, and I can help with your request Please send me a message to get started. Thank You

@gunslinger

Hey, I read your case and this definitely looks like a persistent backdoor, not just a surface level infection. The fact that files reappear after .htaccess changes usually means there’s a hidden entry point still executing somewhere. I’ve handled similar cleanups where the real issue wasn’t the visible files but a deeper script or scheduled trigger. I’m comfortable working over FTP only and doing a full sweep to trace the entry point, remove everything cleanly, and lock it down so it doesn’t come back. Not an automated bid, I read your details and this is exactly the kind of forensic cleanup I usually do. I can start by identifying how the reinjection is happening and go from there.

@extreamcode

Hi there, I’ve read your breach case in detail and I’m confident I can identify the persistent entry point, remove all injected files, and harden your PHP site so you can sleep at night. With solid PHP/Web security experience and a forensic approach, I’ll work entirely over FTP to hunt malware, locate hidden shells, and map configuration pockets where a script could survive. I’ll deliver a root-cause report, a clean codebase, and practical hardening steps you can apply going forward. Here’s how I’ll tackle it: a targeted malware sweep (Maldet/ClamAV or equivalent) plus grep/diff-driven change tracking to surface backdoors, followed by a clean rebuild of compromised pages and verification of Google/site-verification vectors. I’ll patch .htaccess, tighten permissions, refresh salts, and implement robust monitoring to prevent recurrence. The process includes a detailed security checklist for ongoing maintenance and a clear, written plan for you to follow. I’ve shared an initial estimate based on your description, and once we go over a few technical or functional details, I’ll confirm the exact cost and delivery schedule. [clientIssueUnderstanding] From a security perspective, would you be comfortable sharing the current server environment details (OS, PHP version, used web server), and any known backdoors or logs you’ve noticed so far—the more context, the faster I can pinpoint the entry point and craft a durable hardening plan?. Best regards, Asad

@joomextensions

I’ll perform a full forensic cleanup and hardening of your PHP site via FTP. With 10+ years of experience and 600+ projects, I specialize in hunting hidden shells, base64 backdoors, and rogue .htaccess injections. My Recovery Plan: Deep Scan: Manual & automated sweep for PHP malscripts and "phone-home" backdoors. Root Cause: Identify the entry point (outdated plugins, SQLi, or weak permissions). Hardening: Apply strict .htaccess rules, file immutable bits (where possible), and fresh salts. Report: Full written audit of what was removed and why. 5-Star Security Expert. Ready to start immediately!

@ambientinfotech

Hello, It's great to speak with you about your new project..!! I understand issue on website and server malware's effect, for clear this issue we have to perform following actions please review carefully 1. Changes all password (Website and server) 2. Remove all backdoor, no one can access server and there files without permission 3. Scan entire server/code files and database 4. effect files repair and update with system 5. unused php extn and any other content remove form server 6. create logs to proper tracking and make sure same type of issue not comes again 7. handover project to you back Ping us for more better discussion Best Deva

@seefattechnologi

Investigate & Fix Website Breach-----------I am highly appreciative to work on this specific task I can do my best. I am an Innovative PHP/Full stack developer having rich experience with so many successful Tasks. Let’s connect on chat for further discussion and start quickly. Thanks!!

@srmukul2

Hello, I’m Shofiur Rahman, Certified Ethical Hacker and CEO of Pentest Testing Corp, with strong experience in PHP malware cleanup, backdoor hunting, and compromised website recovery. Your case clearly suggests a persistent backdoor or reinfection point. Even with FTP-only access, I can perform a structured forensic sweep to identify: - malicious Google verification files - hidden PHP shells / obfuscated backdoors - injected page code and rogue includes - unsafe upload points, writable directories, and weak permissions - persistence via ".htaccess", cron-like scripts, or modified core files My process includes full codebase review, pattern-based malware hunting, diff analysis, suspicious file triage, and manual validation to isolate the real entry point—not just remove visible symptoms. Deliverables: - Complete removal of injected files, rogue scripts, and altered code - Root-cause report explaining how the compromise happened - Hardened configuration (".htaccess", permissions, upload restrictions, salts, file protections) - Final maintenance checklist to prevent reinfection I work carefully to clean without breaking the live site and document every action clearly. Once you provide FTP access, I can start immediately and flag any critical issue as soon as it is confirmed. Best regards, Shofiur Rahman CEO — Pentest Testing Corp

@wsafreelancer

Hi, I can help you clean and secure your PHP site that’s being repeatedly compromised. This behaviour strongly indicates a persistent backdoor or file-level reinfection rather than a simple front-end injection. I’ll start with a full forensic audit over FTP, scanning the entire codebase, hidden directories, and configuration files to locate the entry point (commonly abused upload handlers, outdated plugins, writable PHP shells, or cron-style reinjectors). Once identified, I’ll remove all malicious files, restore clean originals, and patch the vulnerability so it cannot be reused. You’ll receive a clear root-cause report explaining exactly how the breach occurred, what was removed, and what steps were taken to secure the system, along with a practical checklist for ongoing maintenance. I can start immediately via FTP access and work through it systematically until the site is fully clean and stable.

@webcast

Hello, I’ve cleaned and secured many compromised PHP sites with hidden shells, so I understand how persistent backdoors can be. I’ll trace every unauthorized Google site-verification file, remove injected scripts, patch the exploitation vector, and harden permissions, salts, and .htaccess rules while documenting everything for your ongoing maintenance. Thanks- Webcast Technology

@eliaa

Dear Client, I understand how critical website security is, especially when your custom-built PHP site is being repeatedly compromised by attackers dropping unauthorized Google site-verification files. At Smart Sols, we specialize in backend development with extensive experience in PHP, including native PHP, and have a strong track record of identifying vulnerabilities and securing web applications. With over 9 years of full-stack development expertise, we will thoroughly investigate the root cause of the breach, identify security loopholes, and implement robust protections to prevent future attacks. Our approach includes: - Comprehensive code and server environment audit - Identifying and patching vulnerabilities such as file upload weaknesses or misconfigurations - Securing server permissions and access controls - Setting up monitoring and alerts - Advising on best security practices for your PHP site We commit to delivering a secure and trustworthy solution efficiently within your budget of $250. We communicate clearly and work collaboratively until you are fully satisfied. Looking forward to helping you regain control and peace of mind for your website.

@iosifpeterfi

I have extensive experience in web development and am excited about Investigate & Fix Website Breach.

@marjanahmed13

Hi! My name is Marjan and I'm here to offer you my services as a skilled applicant with over a decade of experience working on Freelancer.com. l believe I am the best fit candidate for this project due to my extensive experience; I would like to have a discussion to get to know that we both are on the same page. Once the scope will be locked, I will start working on it right away.

@Herculesz

Hi, I can help you investigate and clean this PHP site properly, focusing on the backdoor that is allowing the verification files and page injections to keep coming back. I have experience with PHP malware cleanup, compromised file analysis, hidden shell detection, obfuscated code review, and hardening sites even when access is limited to FTP only. The core technical problem here is that the visible spam files are only the symptom, while a persistent loader, modified include, or writable entry script is likely still executing somewhere in the codebase. I can solve that by doing a forensic sweep of the PHP files, config files, upload paths, and changed templates, comparing suspicious code patterns, removing the malicious persistence points, and tracing the likely reinfection path. I’ll also tighten the site with safer permissions, cleaned .htaccess rules, credential rotation guidance, and practical maintenance steps so the compromise does not just reappear after cleanup. You’ll get a clear root-cause summary, a cleaned codebase, and a checklist that makes ongoing monitoring much easier. I’m comfortable working carefully in constrained environments and documenting exactly what was changed. Thanks, Hercules

@mohjib092

Your issue clearly points to a hidden backdoor that keeps reinfecting the site—I’ve cleaned up similar PHP compromises before. I’ll thoroughly scan your files via FTP, remove all malicious scripts, restore affected pages, and track down the exact entry point causing the reinfection. Then I’ll secure the site properly by tightening permissions, fixing vulnerabilities, and hardening your .htaccess so this doesn’t happen again. You’ll also get a simple report explaining what went wrong and how to prevent it going forward. I can start right away and keep everything transparent as I work.

@jayprakashyadav

As someone with extensive experience in PHP web development, I understand the gravity of your situation and the need for swift, accurate solutions. Keeping up with new trends in website security, as well as malicious tactics used by hackers, has been a vital part of my professional growth. Having delved deep into web security even sans a full SSH access, I'm well-equipped to hunt malware efficiently using alternative methods like Maldet, ClamAV, grep and diff. My adherence to best practices ensures a thorough forensic sweep as you've requested. I'll not only identify and eliminate the entry point that has led to these breaches but also reinforce your site with robust measures and upgrades such as updated .htaccess rules, tightened permissions, fresh salts and more - until it's watertight against future attacks. In sum, you deserve a web developer who understands your predicament, has the technical know-how to navigate it effectively and rise above it. Partnering with me guarantees you just that - a proven proficiency in web security through years of experience as well as skills honed across a multitude of emergencies. Let's get started on making your website safe once again. Thanks, Jay

@khurshid040462

Hi I understand the urgency and severity of your PHP site compromise Persistent rogue verification files and page overwrites are clear signs of a backdoor that needs thorough detection and removal I have extensive experience performing malware hunts and forensic sweeps on PHP sites via FTP, including locating hidden shells, rogue scripts, and malicious code injections I focus on full root-cause analysis, patching vulnerabilities, and hardening sites to prevent recurrence For your project I will: Sweep the entire codebase and file system for injected scripts, cloned pages, and Google site-verification files Identify and remove the backdoor allowing persistence Harden your site with updated .htaccess rules, file permissions, fresh salts, and any necessary configuration adjustments Provide a detailed report explaining how the breach occurred, what was fixed, and a security checklist for ongoing maintenance One suggestion: implementing scheduled integrity checks and monitoring for unexpected file changes will help detect any future issues early I’ve previously secured PHP e-commerce sites that were repeatedly compromised, fully removing malware and restoring search engine trust I can start immediately and aim to deliver a fully cleaned and hardened site within 2–3 days depending on site size Quick question: do you want me to also scan any media/uploads directories for hidden PHP files, or focus only on code and configuration folders Regards Khurshid Ahmed

@jayantkumar314

I’ve handled PHP site compromises like this and can clean and secure your server properly. I’ll perform a full scan of your codebase via FTP to locate backdoors, injected scripts, and modified files, then remove all malicious content and restore any affected pages. I’ll trace the root cause (vulnerable script, upload point, or hidden shell), patch it, and apply proper hardening—.htaccess rules, file permissions, and cleanup of any persistence mechanisms. I’ll also provide a clear report explaining how the breach happened, what was fixed, and a simple checklist to keep your site secure going forward. Ready to start immediately and lock this down.