Tidy the server from X-ransom attack
- or -
Post a project like this53
€100(approx. $107)
- Posted:
- Proposals: 18
- Remote
- #4156907
- OPPORTUNITY
- Open for Proposals
React native, Nodejs, UX/UI Graphic design, PHP, Laravel, wordpress, shopify Expert
Porbandar
Microsoft Azure Office 365 Sharepoint Google Workspace Online Marketing Consultant,
Brighton
PPH #1 "Top Rated" Service Provider in Development & IT : Wordpress, Shopify, Magento, Squarespace, ZOHO, WHMCS, Salesforce, Vtiger, Learndash, Moodle
Kenwick
PPH Top Rated Digital Marketer (Social Media Ads, Google Ads, SEO, Social Media Management, YouTube expert)
Kasur
1097152010548737218737910682108944295850415912768312272425525373232798319824271040640
Description
Experience Level: Entry
Hello,
Our Wordpress website was attacked by x-ransom. We have a backup of the WP and the database dump. We have detected some corrupted files there but it seems that there are still some left that were not detected. It has to be tidy after the attack.
It’s an internet shop with uploads files of around 100GB. It’s stored on a private hosting in LV.
What is done do far:
1. Update WordPress Version
2. Use z’d updateSecure WP-Admin Login Credentials
3. Set Up Safelist and Blocklist for the Admin Page
4. Use Trusted WordPress Themes
5. Install SSL Certificate
6. Remove Unused WordPress Plugins and Themes
1. Enable Two-Factor Authentication for WP-Admin
2. Back Up WordPress
3. Limit Login Attempts
4. Change the WordPress Login Page URL
5. Log Idle Users Out Automatically
6. Monitor User Activity
7. Check for Malware - found several none-Wordpress specious files and plugins. Deleted them.
1. Disable PHP Error Reporting
3. Turn File Editing Off
4. Restrict Access Using the .htaccess File
5. Change the Default WordPress Database Prefix - not done
6. Disable XML-RPC
7. Hide the WordPress Version
8. Block Hotlinking - not done
9. Manage File Permissions not done
After making the list, we received another x-ransome attack. I suspect he has a server level access not only wp level.
If you apply, you need to be a server security and a Wordpress specialist.
Please, quote for the job.
Our Wordpress website was attacked by x-ransom. We have a backup of the WP and the database dump. We have detected some corrupted files there but it seems that there are still some left that were not detected. It has to be tidy after the attack.
It’s an internet shop with uploads files of around 100GB. It’s stored on a private hosting in LV.
What is done do far:
1. Update WordPress Version
2. Use z’d updateSecure WP-Admin Login Credentials
3. Set Up Safelist and Blocklist for the Admin Page
4. Use Trusted WordPress Themes
5. Install SSL Certificate
6. Remove Unused WordPress Plugins and Themes
1. Enable Two-Factor Authentication for WP-Admin
2. Back Up WordPress
3. Limit Login Attempts
4. Change the WordPress Login Page URL
5. Log Idle Users Out Automatically
6. Monitor User Activity
7. Check for Malware - found several none-Wordpress specious files and plugins. Deleted them.
1. Disable PHP Error Reporting
3. Turn File Editing Off
4. Restrict Access Using the .htaccess File
5. Change the Default WordPress Database Prefix - not done
6. Disable XML-RPC
7. Hide the WordPress Version
8. Block Hotlinking - not done
9. Manage File Permissions not done
After making the list, we received another x-ransome attack. I suspect he has a server level access not only wp level.
If you apply, you need to be a server security and a Wordpress specialist.
Please, quote for the job.
Natalia D.
99% (31)Projects Completed
34
Freelancers worked with
23
Projects awarded
38%
Last project
5 May 2022
Switzerland
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
There are no clarification messages.
We collect cookies to enable the proper functioning and security of our website, and to enhance your experience. By clicking on 'Accept All Cookies', you consent to the use of these cookies. You can change your 'Cookies Settings' at any time. For more information, please read ourCookie Policy
Cookie Settings
Accept All Cookies