2 part job, please inform if you are bidding on security only or both:
A) Job is to secure a heavily modified existing oscommerce site with wordpress integrated. Have vulnerabilities leading to code being inserted into various pages especially index on a daily basis. Need this isolated and fixed. Example of code being inserted is attached. Need store to be able to function properly without hourly monitoring to view for malicious code. We do not accept credit cards in the store, the function is for customers to request quotes, but we do not want to lose any features of the site including the checkout process in order to gain security of files. Site modifications must result in fully functional site from index to checkout without any errors, as there are currently none.
Currently all IP except our individual IP is disallowed. Attack is most likely cross-site scripting, but unsure. Currently have multiple security based contributions installed including SiteMonitor, FWR Security Pro, and Anti XSS installed. These appear to be working as advertised. Please see code attached for example of iframe attack.
All permissions seem to be in line according to scans and host. Problems might exist in forms, search, and product form boxes. I am unsure as to where problem exists. Job may require looking through the 2 other sites hosted with this account, 1 oscommerce, 1 wordpress. Other oscommerce site includes similar security modules, but has never been attacked to our knowledge. This security fix is for 1 site.
B) If it can be arranged from a single provider, we desire a price for reducing queries and decreasing load time. Not interested in a generic osCommerce Performance module that doubles query count on each initial load only to half the query count on the second load. Looking for an actual reduction in page load time and query count without compromising security or design. Current query count is between 12-38 depending on page browsed. On average, pages take 3.9 seconds to load. Total image size of index is under 50k.
Job will be paid escrow to winning bidder until zip file with file changes is received and confirmed to work as indicated. Or if work is to be performed by bidder, until all work is completed.
12 freelanceria on tarjonnut keskimäärin %project_bid_stats_avg_sub_26% %project_currencyDetails_sign_sub_27% tähän työhön
Successfully cleansed dozens of sites of noted injection (refs available). Will rid domain of exploit immediately as that is obviously your priority. PMB for discussion regarding caching.