Encerrado

Server Security Expert

We are going through an RFP process with a client and they have some server security guidelines that we need to follow. They have run a few tests on our server and given us a list of things to fix. We need someone who can fix these things and do it Fast! We need everything done by Monday the 19th!

We are running a 2012 windows server with iiS on an AWS EC2 with ASP .NET applications There is also a front end component that has Java, JQuery, HTML and CSS.

We have a detailed report from IBM's App Scan and also have an SSL set up.

Here us the list of the vulnerabilities that need to be fixed...

1) DOM Based Cross-Site Scripting

Fix:Review client-side code and clear your input sources

2) Encryption not apllied

Fix: Force the use of HTTPS when sending sensitive information

3) Hidden Directory Detected

Fix: Issue a "404 - Not Found" response status code to a prohibited feature or remove it completely

4) Unsafe third party link (target = "_ blank")

Fix: Include the rel = "noopener noreferrer" attribute on each link element with target = "_ blank"

5) Query Parameter in SSL Request

Fix: Always use the SSL and POST (body) parameters when sending sensitive information.

6) Body Parameters Accepted in the Consultation

Fix: Do Not Accept Body Parameters That Are Sent in Query Sequence

7) Verify SRI (Sub-feature Integrity) support

Fix: Include in each third script / link element SRI (Subresource Integrity) support.

8) Browsing Scan Against SSL / TLS (also known as BEAST)

Fix: Supported clusters of change server

9) SHA-1 number sets were detected

Fix: Supported clusters of change server

10) Web Server Transmits Cleartext Credentials

FIX: Make sure that every sensitive form transmits content over HTTPS.

Habilidades: .NET, Amazon Web Services, ASP, Servidor Windows

Veja mais: need expert setting up server security compliance, hire a freelance wi dows server security expert, website server security expert, net client server security, linux server security, find mysql security expert, server security assessment, web site security expert mumbai, server security expert, lamp server security, website security expert, profile information security expert, internet security expert, joomla security expert, web security expert needed, php security expert

Acerca do Empregador:
( 1 comentário ) Sao Paulo, Brazil

ID do Projeto: #16507829

18 freelancers estão ofertando em média $230 para esse trabalho

ambar

1. In DOM based Cross-Site Scripting, input comes in two main forms: Input written to the page by the server in a way that does not allow direct XSS; Input obtained from Client-side JS objects. So I need to check thi Mais

$294 USD in 7 dias
(110 Comentários)
8.2
jatindhoot

Hello sir, I am working on Microsoft technologies since last 15 years and can get these things done for you. regards

$235 USD in 7 dias
(47 Comentários)
7.2
karunakartiwari

Hi, Greeting !! Helena Recommend us for your project I have read the list of issue present is your ASP.net based website some issue is from server side setup and few are code level improvement .will help in fixing Mais

$352 USD in 5 dias
(167 Comentários)
6.8
sudhanlogics

Greetings! Thanks for posting such an interesting project. I am a professional system admin and server expert. I have worked on server security and PCI compliance. I can address these issues and make the server comp Mais

$588 USD em 1 dia
(125 Comentários)
6.1
tekzee

Hello, I have read your project REQUIREMENT and UNDERSTOOD IT COMPLETELY. We deal with the ALL TYPE OF SERVER RELATED ISSUE as we have expert team for this. We will be able to do but we need proper details regarding Mais

$164 USD in 3 dias
(48 Comentários)
6.3
kuldeepvk

Hi, I will implement server securities and make sure that it will be protected and will not be attacked by any virus or vulnerabilities. Thank you

$77 USD in 0 dias
(32 Comentários)
4.9
infihost

HI, We will check complete configuration of server as well as cluster and will resolve all the issues regarding SSL, SSH, encryption and all. Thank you.

$100 USD em 1 dia
(12 Comentários)
3.9
mlucasdtn

if you accept my bid I can and will do this tonight. (18Mar2018)

$555 USD em 1 dia
(1 Comentário)
3.4
tutornest

Having 13+ IT industry experience in various technologies like Windows Server, VMware, Hyper-V and so on. I would be ideal candidate for this and would delivered project on time.

$166 USD em 1 dia
(2 Comentários)
1.4
$155 USD in 3 dias
(0 Comentários)
0.0
ChamanServices

We provide a wide range of solutions designed to help protect your business or website from cyber security threats; we have a security solution to help through our team of Certified Cyber Security professionals to keep Mais

$200 USD in 4 dias
(0 Comentários)
0.0
brito70

A proposal has not yet been provided

$277 USD in 5 dias
(0 Comentários)
0.0
navinlak

I have experience in security audit fix. please start chat with me

$138 USD em 1 dia
(0 Comentários)
0.0
rvtechsolution

Hello I am certified MVC developer and interested in your project. Kindly initiate the chat to discuss further on the same. Here are some DOT NET websites that I have done - [login to view URL] http Mais

$250 USD in 5 dias
(0 Comentários)
0.0
$155 USD in 3 dias
(0 Comentários)
0.0
$120 USD em 1 dia
(0 Comentários)
0.0
zain43

I can work for you , lets discuss it. i already work related to security. if you can discuss with me .

$155 USD in 3 dias
(0 Comentários)
0.0
$155 USD in 3 dias
(0 Comentários)
0.0