Find Jobs
Hire Freelancers

Fix bugs in a E commerce wordpress theame

$750-1500 USD

Annullato
Pubblicato più di 9 anni fa

$750-1500 USD

Pagato al completamento
My name is Jan Stoop I am an Advertising art Director in Dubai. I am the owner of an Ecomerce site. Recently, we received an email from our Webhost (Hertzner) in regards to a security breach in the Wordpress E-commerce platform, allowing hackers to send out spam mails from our site URL. (Please see below correspondence with Hertzner): We are looking for you guys to quote us on fixing the problem Please also include the scope and the hours needed to fix the problem. We can provide login details once we have confirmed a price on the work. I think at the moment the site has been removed from the active server. But here is the template documentation link and website live preview: [login to view URL] _________________________________________________________________________________________________ Dear Jan Thank you for your email. I have had a long conversation with your Father Lucas this morning with regards to the website. (we were not sure if we could contact you on your mobile, with you being in Hong Kong) Unfortunately, there was definitely malicious base64 eval code injected into the list of files provided in the previous email. If this code is not fully removed, the site will remain vulnerable. Just to clarify on the termination point : The site has been compromised twice, and this constitutes a second strike. We do have a 3 strike policy, therefore, we are not looking to terminate your content, but are merely providing an update that this is the second strike and if the site is compromised again in the near future and used to send spam, we would unfortunately need to terminate the hosting. Please note, this is not something that we want to happen, hence all the communication to assist with fixing the site. For now, your father has mentioned that the site should be kept zipped in the home directory, so that when you are back, you may investigate. Please feel free to give us a call or a time when we can call you, and we can discuss in detail how we can resolve the compromised site. Kind Regards, Hetzner Abuse Department Hetzner (Pty) Ltd - Winning awards since 2003 National Contact Centre: 0861-0861-08 Fax: 0861-0861-09 International: +27 21 970 2000 Web: [login to view URL] Help Centre: [login to view URL] Email Disclaimer: [login to view URL] _____________________________________________________________________________________________________________________ Dear Lucas Stoop Please refer to the abuse complaint received attached to this email. A hacker uploaded malicious content to your website yorkiesonline.co.za. To stop further abuse, the following has been done: - The website content has been removed and is available in a folder called hetzcompromised which can be downloaded from the home directory of the account, via FTP. This will enable you/your developer to download, clean and secure the website before uploading it again. Please remove the [login to view URL] holding page now present when re-uploading the website. PLEASE NOTE: Websites are usually hacked to enable spam mailing, phishing or the spread of viruses. These types of abuse often result in blacklisting of servers, causing mail delivery failures for all domains hosted on the server. Along with the disruption of services caused by blacklisting, spam/phishing abuse and virus infections are extremely damaging to the reputation of all parties involved. It is for these reasons that Hetzner takes abuse extremely seriously and reserves the right to suspend or terminate, without warning, any account that violates our policy on abuse, whether the abuse was intentional, or not. More information on our Spam Abuse Policy is available at: [login to view URL] Information that your technician may find helpful during the investigation and clean-up process: During a virus scan performed on the site, the following malicious/suspect content was found: /wp-includes/js/tinymce/skins/lightgray/.[login to view URL] All HTTP logs for this account are available in the www_logs directory in the home directory and can be accessed via FTP. These logs contain information of the visits to your website and may be helpful in your investigation. As this is a website administration related issue, further investigations as performed by Hetzner today and further assistance in the matter is out of the scope of our services. You will need to ask your administrator to perform maintenance on the site content to remove the infected content and to improve the security on the site. If you are using a CMS (Content Management System): Hacking of CMS type websites are usually possible due to: - Poorly configured installation and/or incorrect file permissions; - the site has an insecure extension, add-on or component; - the version is outdated; - insecure passwords - CMS login credentials stolen by means of Spyware infection on administrator's computer (What is Spyware - [login to view URL]) IMPORTANT Please ensure that your website is properly secured before it is activated again. Although CMSes are useful and easy to install, they can be extremely vulnerable to exploitation if not secured properly. Securing a CMS based website involves securing the CMS once it has been installed, ensuring the CMS version is updated when a new version is available and rolling out security patches when they become available. Please consult the provider of the software you use for information on security. It is also important that the website administrator is using updated anti-virus software including anti-spyware. IMPORTANT Only removing the malicious content will not stop future abuse. You need to address and correct the security vulnerabilities on the site before the abuse will stop. You/Your web developer also need to check the entire site content and remove any other infected or malicious files found which may not be mentioned above. Should you require further assistance in this matter, please do not hesitate to contact us. Kind Regards, Hetzner Abuse Department Hetzner (Pty) Ltd - Winning awards since 2003 National Contact Centre: 0861-0861-08 Fax: 0861-0861-09 International: +27 21 970 2000 Web: [login to view URL] Help Centre: [login to view URL] Email Disclaimer: [login to view URL] _____________________________________________________________________________________________________________________ To assist you with this process, we will extract the site and move the malicious mail script to an abuse folder in the FTP home directory. This will allow you to log into the backend of the site and make the necessary changes. There might be more affected files and simply moving the file will not fix the compromise. Please be advised that this specific compromise allowed access to the [login to view URL] file, which has put your FTP and database password at risk. We suggest you take the following action after the site has been restored: * update the Revolution Slider plugin immediately * change your WordPress admin password(s) * remove any unusual user accounts from the backend * update your MySQL database password and update the [login to view URL] file * change your FTP password Please also note that if the site sends out spam email after being restored, it will once again be removed and a second strike drawn against it. Further abuse can lead to possible suspension or termination of the account, which we would like to avoid. Should you require further assistance in this matter, please do not hesitate to contact us. Kind Regards, Hetzner Abuse Department Hetzner (Pty) Ltd - Winning awards since 2003 National Contact Centre: 0861-0861-08 Fax: 0861-0861-09 International: +27 21 970 2000 Web: [login to view URL] Help Centre: [login to view URL] Email Disclaimer: [login to view URL] ___________________________________________________________________________________________________________________ Dear Jan Thank you for your email and feedback. A new scan reveals the malicious content is still present : /usr/www/users/yorkifcsuy/wp-content/uploads/wysija/themes/clefault/[login to view URL]: PHP.Trojan.WebShell-7 FOUND ----------- SCAN SUMMARY ----------- Known viruses: 3517750 Engine version: 0.98.4 Scanned directories: 635 Scanned files: 5319 Infected files: 1 Data scanned: 119.50 MB Data read: 85.93 MB (ratio 1.39:1) Time: 20.368 sec (0 m 20 s) Please ensure that this is removed. Should you require further assistance in this matter, please do not hesitate to contact us. Kind Regards, Hetzner Abuse Department Hetzner (Pty) Ltd - Winning awards since 2003 National Contact Centre: 0861-0861-08 Fax: 0861-0861-09 International: +27 21 970 2000 Web: [login to view URL] Help Centre: [login to view URL] Email Disclaimer: [login to view URL]
Rif. progetto: 6694371

Info sul progetto

20 proposte
Progetto a distanza
Attivo 9 anni fa

Hai voglia di guadagnare un po'?

I vantaggi delle offerte su Freelancer

Imposta il tuo budget e le scadenze
Fatti pagare per il lavoro svolto
Delinea la tua proposta
La registrazione e le offerte sui lavori sono gratuite
20 freelance hanno fatto un'offerta media di $966 USD
Avatar dell'utente
Hello Jan, We have gone through with the project description and your hosting provider emails. As your website is unavailable right now we couldn't check it. First we have to check it and see where are the malware and then from where it has been uploaded. Is there anyway you can show us your website? Or you can give us some temporary access so that we can check it? We look forward to hearing from you soon. Thank You & Best Regards TheExertion
$789 USD in 7 giorni
4,9 (107 valutazioni)
7,0
7,0
Avatar dell'utente
Hello Jan Stoop, No need to do advance payment. I have been read your email and the details. We will fix all the errors in 2-3 days. We have been developed many website in ecommerce so that its a easy task for us.I saw the give theme link also so that we will can complete it ASAP. Thank you
$842 USD in 10 giorni
4,2 (60 valutazioni)
6,9
6,9
Avatar dell'utente
A proposal has not yet been provided
$1.500 USD in 20 giorni
4,9 (149 valutazioni)
6,6
6,6
Avatar dell'utente
A proposal has not yet been provided
$1.184 USD in 20 giorni
5,0 (91 valutazioni)
6,3
6,3
Avatar dell'utente
Hi there, I can help, there are a number of things that needs to be checked if your code was vulnerable or how hackers entered injected code on your system, please join me on chat
$750 USD in 7 giorni
5,0 (36 valutazioni)
6,1
6,1
Avatar dell'utente
A proposal has not yet been provided
$800 USD in 3 giorni
5,0 (19 valutazioni)
5,0
5,0
Avatar dell'utente
Hi, Hope your fine. I am offering my services for this task. I am a wordpress pro and can resolve your issue in one day with 100% guaranteed security. Please PM me so that we can start working right away.
$833 USD in 2 giorni
4,7 (6 valutazioni)
2,4
2,4
Avatar dell'utente
Hello I read and checked the requirement of the project we can do this work. About Us:- we are in team having 2500+ hours of experience please come on chat to discuss more about the project to do this work in quick time. Thanks softbyteinfotech
$800 USD in 15 giorni
5,0 (1 valutazione)
0,8
0,8
Avatar dell'utente
Hello,i see that your problem is from security.I can fix that.I can improove your website security with my php skills and you will never be hacked..I thini t will take 1-2 days to fix it but i can start right now so just give me the project and let's help you!
$1.250 USD in 1 giorno
0,0 (0 valutazioni)
0,0
0,0

Info sul cliente

Bandiera: UNITED ARAB EMIRATES
Dubai, United Arab Emirates
0,0
0
Membro dal nov 6, 2014

Verifica del cliente

Altri lavori del cliente

iPhone application
$5000-10000 USD
Grazie! Ti abbiamo inviato tramite email il link per richiedere il tuo bonus gratuito.
Non è stato possibile inviarti l'email. Riprova per piacere.
di utenti registrati di lavori pubblicati
Freelancer ® is a registered Trademark of Freelancer Technology Pty Limited (ACN 142 189 759)
Copyright © 2024 Freelancer Technology Pty Limited (ACN 142 189 759)
Caricamento anteprima
Autorizzazione per la geolocalizzazione concessa.
La tua sessione è scaduta ed è stato effettuato il log out. Accedi nuovamente per piacere.