Security Audit/Cleanse

Job entails a security expert to analyze as needed up to 4 sites on a shared webhosting account. One oscommerce site is generating an iframe injection to the index file after the first body tag on an irregular basis for around 3-4 weeks. No other sites are affected, but as all four sites are on the same account, any of the sites very well may be hosting the file, code generating the injection, or vulnerability leading to the attack. The webhost cannot find the file or code as all files appear clean, no permission errors, ect. Log files do not assist in the matter. This is NOT a matter of ftp attack or stolen passwords at we have a strick ftp allow and deny that allows only our ip to access ftp. Sites on server include two wordpress sites and two oscommerce sites. The oscommerce site in question is heavily modified.

We are NOT in need of someone removing the actual iframe injection as it is easily spotted and removed by our team.

The audit is NOT to inhibit the use of the sites by customers. If you need to copy the sites to a closed system, bidder will be expected to do so. We expect the total downtime to the site as a result of modifications to be a matter of minutes, not days or hours. NO modifications, uploads, or file deletions should be enacted until authorized by our project manager.

The iframe injection problem is what we expect the bidder to isolate. If this is a shell script, modified code, xss attack, ect this should be completed first in regards to the iframe injection. Several oscommerce security patches are enabled on the oscommerce sites including Security Pro, SiteMonitor, htaccess protection, Anti XSS.

The iframe injection links appear to be outdated as the links end up redirecting to the actual Google homepage, not a spoof page. PMB for iframe code being injected.

Do not bid if you cannot finish the iframe problem within five days (or less). Do not bid if this is your first project on freelancer.

Winning bidder agrees to receive two escrow payments to be released in line with completion of project. The first payment for finding, isolating, and fixing the iframe injection problem, whatever it may be. The second to verify changes have worked, we will hold the second escrow for a week after completion, and release as long as the site is without an iframe attack. The payments will be split 50/50. Obviously if the injection persists the job will be considered incomplete and the second payment will not be released until a week has persisted without attack.

The winning bidder amount will be split into two payments. For example: If you bid $500, it will be two escrows of $250.

Taidot: OSCommerce, Shell Script, Ostoskärryt, Verkkoturva, WordPress

Näytä lisää: worked at freelancer, worked as a freelancer, wordpress freelancer system, what other freelancer sites, what if the freelancer end the job, what freelancer changes, web project manager freelancer, web manager google, verify freelancer account, verify freelancer, use an escrow system to payment, total freelancer wordpress, tag line on freelancer, site security freelancer, security job, receive payments with escrow, receive payments escrow, question manager, protection of a freelancer, protection for freelancer, project manager on line, project manager job sites, project manager at freelancer, pro freelancer site, on audit

Tietoa työnantajasta:
( 20 arvostelua ) Indianapolis, United States

Projektin tunnus: #662693

12 freelanceria on tarjonnut keskimäärin 421 $ tähän työhön


Hi, see my profile, thank you.

250 $ USD 7 päivässä
(134 arvostelua)

Hi, I'm ready to start. Please check my profile for references and Your PM for more details. Thank You.

400 $ USD 3 päivässä
(31 arvostelua)

Hi Good day, Web hacker Bid. Expert in testing and securing website and server against hacking. And having extensive knowledge in iframe injection. Please check ur inbox for more details. Regards [url removed, login to view] B.E

500 $ USD 4 päivässä
(23 arvostelua)

Hi, please view pmb for details, thank you.

300 $ USD 5 päivässä
(19 arvostelua)

I can help you with your problem, please check PMB.

250 $ USD 1 päivässä
(12 arvostelua)

Please Read PMB.

250 $ USD 10 päivässä
(9 arvostelua)

Hello, Bid from web application security experts. Check the PMB for more details about our portfolio. Cheers, InfyAgent

600 $ USD 5 päivässä
(7 arvostelua)

Hello, I can help you with this.

300 $ USD 5 päivässä
(6 arvostelua)

Hi Nic, I'd like to bid on your new project. I can have the account and all sites audited this week with all work carried out on a secure closed system as discussed in the previous project. You should be able to see Lisää

500 $ USD 5 päivässä
(2 arvostelua)

Hello sir ,please check P.M.B thanks

250 $ USD 3 päivässä
(2 arvostelua)

Please see PMB.

250 $ USD 4 päivässä
(2 arvostelua)

Hello, I believe we can log everything out on another server and check what the problem is, I am sure I can handle this. PM me for any questions.

300 $ USD 4 päivässä
(0 arvostelua)

Let it be done by pro

1500 $ USD 2 päivässä
(0 arvostelua)

I'm an expert in linux/unix/windows operating system, working much time in amazon cloud computer and also have much experience in web security , server security and network security. I can help you solve out your probl Lisää

250 $ USD 2 päivässä
(0 arvostelua)