Web Security Jobs

I’m managing a law-firm website on WordPress and need a Scrum-savvy professional to guide a short, focused sprint that uncovers every problem and closes each one out. At the moment the homepage, service pages, and contact forms are suffering from slow load times, broken links, visible placeholder text, and several security red-flags my host keeps warning me about. Here’s how I’d like us to tackle it: • Kick off with a rapid discovery session, turning existing pain points into a clear, prioritised backlog. • Run one or two time-boxed sprints (your call after the audit) to deliver: – Sub-two-second load times across the affected pages – Fully working links and forms, no placeholder copy left behind – Core Web Vitals in the gree...

My web application was prototyped in Google AI Studio and is already live in a sandbox environment, but a handful of thorny issues are blocking the ability to launch the app live. I’d like an experienced web-app engineer to comb through the code, confirm it meets best practices, and then resolve filtering errors based on the monetization model. Additionally, I need to connect a payment gateway and validate that it works. I will grant access and share environment credentials as soon as we start. A concise change log, commented commits, and a short validation report explaining what you reviewed and why you adjusted it will be the acceptance criteria.

I have a Base44 application that is already coded for the web and I want it running on my own virtual private server. The VPS is up, secured, and ready—what’s missing is the actual deployment. Here’s what I need to happen: clone or upload the current codebase to the server, install any required dependencies, configure environment variables, link up the database and storage locations I specify, and then expose the app at my domain with an SSL certificate in place. Once everything is live, a short, clear README or set of notes on the steps you took will help me maintain future updates without guesswork. Acceptance criteria • Application loads over HTTPS at the domain I provide. • All existing features work exactly as they do in my local build. • Deplo...

Need experienced Linux System Administrator for server hardening. Tasks include security audit, firewall configuration, SSH hardening, user access control, patch management, and security monitoring setup. Must have experience with Ubuntu/CentOS and tools like Fail2ban, SELinux. Provide documentation of all changes.

A recently rebuilt Windows workstation needs a bullet-proof antivirus setup carried out over a remote session. The job begins with selecting an effective AV suite (I am open to your recommendation—Norton, McAfee, Kaspersky, or another best-in-class option) and continues through full installation, optimisation, and hardening. Key protection goals • Online banking: isolate browser sessions, enable real-time phishing & key-logger defences, and verify safe-transaction modules are active. • Confidential files: enforce on-access scanning, tune heuristic settings for maximum detection, and lock down local folders with password-protected vaults or encryption available within the AV. • Google Drive sync: ensure cloud-storage scanning is enabled, block malicious file ...

My Classic ASP site was recently overrun by a black-hat SEO attack that injected gambling-related links into pages crawled by Google. Since then I’ve noticed a dip in performance, repeated security warnings, and spam URLs appearing in Search Console. I can give you full server access, including IIS and database credentials, plus the security logs and scans already generated by our endpoint software. What I need from you is a thorough forensic sweep to pinpoint every entry point—whether that’s a compromised .asp file, a rogue include, or a polluted database field—and then clean it without breaking the legitimate codebase or content. Deliverables • Complete scan of site files, MSSQL/Access tables and IIS logs • Written report listing each malicious...

IIS issue for website loading, sometimes loads faster and sometimes takes so much of time... so need to work on iis settings to make it work smooth and without any delay loading

I run a production-level Windows server that now needs steady, professional care. The box is already up and live; what I need is someone who can step in and take over the routine work that keeps it healthy and secure. Your core responsibility will be ongoing maintenance—installing patches, checking logs, pruning obsolete services, and making sure performance never drifts. In parallel, I want proactive security updates: closing vulnerabilities quickly, hardening configurations, and documenting every change so there are no surprises later. A typical month might include: • Scheduling and applying Microsoft updates with minimal downtime • Reviewing Event Viewer and other logs for early warning signs • Updating firewall rules or IPS policies when new threats emerge ...

Technical Status Report: Resource Exhaustion (503 Error) Site: Environment: A2 Hosting (Shared) | 2GB RAM Limit | 100% CPU Limit 1. The Issue The site is currently experiencing a persistent 503 Service Unavailable error. Analysis of the A2 Resource Usage shows the account is hitting its Physical Memory (2GB) and CPU (100%) ceilings almost immediately upon server reset. 2. Actions I HAVE already taken Plugin Isolation: Renamed the /plugins/ folder to plugins_hold. Process Reset: Cycled PHP versions (8.3 to 8.2 and back) to kill hanging lsphp processes. Caching: Flushed and Enabled LiteSpeed Web Cache via cPanel. Security: Briefly disabled ModSecurity (site attempted to load but crashed again instantly). Cron/XML-RPC: Added DISABLE_WP_CRON to and blocked via ....

I have, 40-core machine with 1 TB of RAM that needs to be turned into a practical development box for my team. The goal is to have both Windows Server and Ubuntu Server installed side-by-side, each ready for daily coding, testing, and collaboration. Here’s what I need from you: • Plan and carry out the installation of the two operating systems, making sure they coexist cleanly (dual-boot, virtualization, or any proven approach you recommend). • Partition and configure storage so that each OS has ample, clearly labeled space. • Enable remote access for multiple developers, with sensible user and permission settings already in place. • Apply baseline security hardening and system updates so we start from a solid, up-to-date foundation. Once finished, I s...

My Server4You VPS has triggered an abuse report and I need a one-time, decisive intervention. The first order of business is malware removal—locating and eradicating any malicious code sitting inside the WordPress installs. While doing so, I also need you to pinpoint which site is behind the current XML-RPC and brute-force login traffic, disable XML-RPC wherever it isn’t explicitly required, and verify no backdoor scripts are left behind. You will receive root (or sudo) SSH access. Once inside, please: • Scan every WordPress instance and the underlying file system, remove malware, and patch obvious vulnerabilities. • Trace the origin of the XML-RPC abuse and stop it without breaking legitimate functionality. • Review cron jobs, tighten file and directory pe...

I'm seeking a security assessment for my corporate website. The primary concern is phishing attacks. I'm looking for a detailed report and provides actionable recommendations to enhance security. Key Requirements: - Assessment of current security measures (basic) - Identification of phishing vulnerabilities - Recommendations for improvement Ideal Skills and Experience: - Experience with corporate website security - Expertise in phishing attack prevention

My WordPress site needs an urgent fix on two fronts. First, password-reset emails never reach users even though the site is configured with the WP Mail SMTP plugin. I need you to trace why the messages fail—whether that’s an SMTP authentication glitch, host restriction, or mis-routing—and make sure the reset flow works end-to-end, including successful delivery to common providers such as Gmail and Outlook. Second, bots are flooding the registration form. There is currently no CAPTCHA in place, so a solid anti-spam layer has to be added. I’m open to Google reCAPTCHA, hCaptcha, or any proven alternative you recommend. The spam accounts already created should be purged, and the loophole closed permanently without degrading the experience for legitimate users. Deli...

My web backend already handles real-time WebSocket traffic and device-to-server messaging, but the client management module now needs immediate attention. The current codebase shows signs of SQL injection issues and server misconfigurations, and an initial scan hints at possible backdoors. Here’s what I need you to do: • Conduct a full security audit across the PHP + MySQL stack (running on Apache in a XAMPP-style setup) as well as the Node.js WebSocket layer. • Isolate and remove any backdoors, patch every SQL-injection entry point you uncover, and fix configuration mistakes that could expose the server. • Redeploy the cleaned code on a fresh, standard Linux server image, migrate the database where necessary, and confirm that all WebSocket real-time features r...

I need an experienced developer to set up my GoGetSSL / Sectigo SSL certificate via ACME on Apache today. The domain is already pointing to the server, and credentials are ready. What you’ll do: Generate & validate the ACME order Install SSL + chain file on Apache Force HTTPS (HTTP → HTTPS) and restart Apache Verify SSL Labs rating “A” Set up automatic renewal or provide instructions Requirements: Proven experience with GoGetSSL / Sectigo + ACME Immediate availability Ability to provide a short log of commands used ✅ The goal: website fully secure with green padlock today.

I need a new subdomain created inside my Square space account so it points cleanly to , where all my online courses will live. has already supplied the precise CNAME and TXT records and I will pass those straight to you; they simply have to be entered without disturbing the rest of the zone file because other integrations are already running on the root domain. At the same time, I want my branded email address fully recognised by the CRM. That means adding or adjusting the accompanying MX, SPF, and DKIM records so outgoing messages authenticate and incoming replies land where they should. Deliverables • Subdomain resolves to the correct workspace over HTTPS and passes their custom-domain check. • Email records propagate, SPF/DKIM show “pass” in common tester...

My Shopify account has been compromised, and I need a thorough investigation. Key tasks: - Investigate account access issues - Identify and document unauthorized marketing activities - Provide evidence of account abuse Ideal skills and experience: - Strong background in cybersecurity - Experience with Shopify platform security - Ability to generate detailed investigative reports - Prior experience handling similar security breaches I expect a detailed report with evidence of abuse.

Looking for a Security Specialist to conduct a Grey-Box Penetration Test on a SaaS platform built with Laravel and React. The app helps real estate sourcers package deals using AI and third-party data. The objective of this project is to collate the results of a gray box test, identifying vulnerabilities and weaknesses at minimum in the application's authentication and authorization mechanisms, input validation, state management, access control and encryption of a web application. Testing will focus on identifying potential security risks and providing recommendations for remediation. Scope of Work: • Audit the Authentication/Authorization flow (JWT/Laravel Sanctum). • Test for IDOR and Broken Access Control between user accounts. • Audit API security (integrations ...

I need clear, step–by-step help selecting and purchasing a reliable VPS located in Zambia that I can dedicate to running applications. I’m starting with no current provider, so I’m looking for someone who can: • shortlist trustworthy Zambian data-centre vendors that actually provision local IP addresses, • compare their CPU, RAM, network throughput and uptime guarantees against regional competitors, • walk me through the order process, payment options and any KYC requirements, • advise on the most cost-effective plan that comfortably supports application workloads, • provide a concise checklist for the initial server hardening and OS install once the VPS is active. If you already manage or have deployed instances in Zambia, even better—ple...

My PHP-based app suddenly throws “Expected response code 235 but got 535 – Authentication credentials invalid” every time it tries to send mail. I already updated the SMTP username and password, yet both LOGIN and PLAIN still fail. What I need from you is a rapid deep dive into the SSL/TLS handshake, the SMTP dialogue, and any server settings that might be blocking correct authentication. I’ll grant temporary access to the mail-sending config and stream live logs; I can also run telnet or openssl commands on demand so you can trace the exact exchange. Deliverables • Identify the precise cause of the 535 failure • Implement or walk me through the fix until a test message returns code 235 (success) • Provide the confirmed working host, port, encryptio...

The goal of this project is to significantly improve the website’s loading speed and overall performance, ensuring a load time of under 3 seconds on both mobile and desktop devices. Faster website performance will enhance user experience, reduce bounce rate, and improve SEO rankings and conversion rates. Project Objectives • Achieve page load time below 3 seconds on mobile and desktop • Improve Google PageSpeed Insights, Core Web Vitals, and Lighthouse scores • Optimize website for better user experience and search engine performance • Ensure smooth performance without affecting design or functionality Scope of Work • Image optimization and next-gen format implementation (WebP/AVIF) • Minification of CSS, JavaScript, and HTML files • Browse...

I'm looking for a skilled website developer to create an e-commerce store for my jewelry business. The website should be user-friendly, visually appealing, and secure. Essential features include: - Product catalog and search - Secure payment gateway - Customer reviews Ideal candidates should have: - Proven experience in developing e-commerce websites - Strong understanding of secure payment integration - Ability to implement customer review sections Please share your portfolio and relevant experience.

I’m bringing a multi-layer system back online—a native PHP-MySQL web backend that drives a Node.js WebSocket service and a client-management console. Before launch, the entire codebase needs a deep security sweep, but the web backend is my first target. I suspect hidden backdoors and unpatched vulnerabilities; I need them located, removed, and the fixes thoroughly documented. There’s no existing audit playbook, so I rely on you to propose and carry out a full methodology that mixes code review, penetration testing, patching, and verification. The environment is classic XAMPP (Apache, PHP, MySQL/MariaDB) with a standalone Node.js layer handling real-time connections, so hands-on experience with that exact stack is essential. Deliverables • A concise audit plan out...

looking for an experience wordpress security manager. need to have experience with email security, website security, server security. must speak english and have proven experience.

I am conducting an authorised security assessment on a website that currently sits behind Cloudflare. The owner has given me written permission to verify how well the service hides the origin server, and my first objective is simple: locate the true, routable IP address of that server. What I need from you • Discover the origin IP without disrupting production traffic or triggering any Cloudflare security events. • Confirm that browsing directly to the uncovered IP renders the site identically to the public domain (same content, layout, and functionality). • Provide a concise report describing the exact approach—whether you relied on passive DNS enumeration (dig, SecurityTrails, Shodan etc.), historical records, sub-domain leakage, server misconfiguration, or ...

I need a seasoned PHP security specialist to comb through an existing application, locate and remove every hidden backdoor, then harden the code so it stands up to malicious probing—SQL Injection is my top worry. Once the cleanup is finished, you’ll redeploy the patched build to my live PHP stack and confirm that all features operate normally under real traffic. A successful engagement means: • a brief, private report pinpointing each issue you discovered and how you neutralised it • a fully patched source tree returned to me, ready for version control • the application running stably on my server, with verification that the fixes prevent the SQL Injection vectors you identified Please come prepared with practical exploitation knowledge, the usual security ...

I have a full PHP code-base that must be cleaned of any hidden backdoors, patched against SQL Injection, and then deployed so it runs smoothly on my Windows server environment. The application currently runs, but I cannot risk latent malware or unsafe database calls remaining in production. What I need you to do • Examine every file—manual review plus your preferred static-analysis tools (e.g. SonarQube, RIPS, phpStan) to spot obfuscated code, web shells, or suspicious eval/exec patterns. • Refactor insecure SQL statements to use prepared queries or an ORM layer where practical, confirming user input is safely sanitised. • Apply all other best-practice hardening steps that come up during your audit (strict error handling, safe file uploads, updated dependencies,...

Project: Beta-Stage Web Application Security Setup Role Needed: Web Application Security Engineer Project Overview I’m preparing a coaching-based web platform for public beta and need an experienced professional to implement industry-standard security best practices suitable for handling sensitive user data. The application is built using a modern low-code/no-code frontend with Supabase as the primary backend and database. Custom SQL integrations via secure APIs are possible if needed. Objective Prepare the platform for public beta by implementing professional, scalable security foundations that: Protect user and client data Build trust with end users Lay groundwork for future enterprise compliance (SOC 2 / ISO later — not required now) Scope of Work (Deliverables) ...

I need a thorough security analysis of my Windows 11 PC to determine if it was compromised, enabling account theft. Key tasks: - Log file analysis - Registry analysis Ideal skills and experience: - Expertise in Windows 11 security - Proficient in log file and registry analysis - Experience with cybersecurity and threat detection - Ability to provide a detailed report of findings

My PHP-based app suddenly throws “Expected response code 235 but got 535 – Authentication credentials invalid” every time it tries to send mail. I already updated the SMTP username and password, yet both LOGIN and PLAIN still fail. What I need from you is a rapid deep dive into the SSL/TLS handshake, the SMTP dialogue, and any server settings that might be blocking correct authentication. I’ll grant temporary access to the mail-sending config and stream live logs; I can also run telnet or openssl commands on demand so you can trace the exact exchange. Deliverables • Identify the precise cause of the 535 failure • Implement or walk me through the fix until a test message returns code 235 (success) • Provide the confirmed working host, port, e...

Project Overview I’m looking for an experienced WordPress developer to perform a forensic audit and cleanup of a site that previously used custom developer-created code and automation. After a hosting migration, the site experienced admin access issues, login loops, and plugin behaviour reverting unexpectedly. Hosting support stabilised access but confirmed that custom plugins and non-standard configurations existed and fall outside their support scope. An automated deployment mechanism has been removed, but I need confirmation that no residual scripts, hooks, or configurations remain that could overwrite files, revert settings, or affect admin access. Scope Audit custom plugins, theme code, and mu-plugins Check for role/capability filters and forced redirects As...

My private server farm runs entirely on Windows Server 2019/2022 and I want a single, reliable point of contact to keep it both secure and resilient. Day-to-day, you will be hardening the network with advanced threat-detection practices—think real-time log analysis, strict firewall policy reviews, prompt patching, and well-documented incident response plans. All data protection flows through Veeam. I rely on daily image-level backups, off-site replication, and periodic restore tests, so you’ll need to stay on top of job success reports, storage consumption, and any failure remediation without waiting for me to ask. Support is part of the arrangement: when an issue or change request lands in the ticket queue, I expect timely follow-through and clear communication until closure...

Our CodeIgniter-based ordering app on a Hostinger VPS has suddenly stopped displaying product images in the admin dashboard. Everything was fine a week ago; the only event since then was an SSL renewal three days ago. There are no error logs throwing obvious clues, yet the image thumbnails simply fail to load.

I’m looking to give my site a full-scale tune-up. The immediate priorities are: • Security vulnerabilities – I need a thorough scan and clear recommendations or patching for anything you uncover. • Broken links and other visible errors – flag and fix them so every page loads cleanly. • SEO health – run a technical SEO review (meta tags, indexing, sitemap, core web vitals) and provide quick-win fixes where possible. • Site speed – benchmark with Google PageSpeed Insights or GTmetrix, then optimise code, images and caching until we reach a noticeably faster load time. • Back-up & updates – take a complete backup before you start, then bring the CMS, theme and all plugins up to their latest stable versions. Please supp...

Έχω WooCommerce e-shop () που μεταφέρθηκε πρόσφατα σε νέο server αλλά τρέχει πολύ αργά. Υπάρχει ιστορικό hack / κακόβουλων αρχείων και ενημερώθηκα ότι το Woodmart theme και child theme έχουν πειραχτεί από προηγ&omicron...

Usted debe indicar el costo y tiempo de desarrollo. Debe leer lo presente y revisar la maqueta () antes de realizar consultas. Documento de Requerimientos de Usuario (DRU): Domicilio Digital 1. Visión del Proyecto Plataforma SaaS de notificaciones legales ("Domicilio Digital"). • Arquitectura Híbrida: o Cerebro: Backend en Python (Django/FastAPI) encargado de la lógica de negocio, reglas de seguridad, firma digital, gestión de usuarios, reportes y compilación de estilos. o Músculo: Mailcow (Dockerized) encargado del transporte de correo (MTA), almacenamiento (MDA) y Webmail (SOGo). 2. Personalización Visual Paramétrica (No-Code) El sistema permite una personalización "White-label" gestionada ínt...

crear tiene en woocomence para venta de lapidas funerarias, donde el cliente pueda subir archivos multiples y personalizar datos .fechas , ect