Cancelado

Making Adjustments to SSL Settings and FTP Permissions on Server(repost)(repost)

Hi there!

Attempting another project with you, one for a different client and I believe a lot easier. :) Enjoyed working with you thus far. My client is receiving security warnings that they are not PCI compliant, from SecurityMetrics.com. My client's site is [url removed, login to view] and it's marked as? NOT COMPLIANT with the PCI scan validation requirements on several different items. I believe it's a matter of adjusting SSL settings on server or FTP permissions, but I'm unfamiliar in this territory and don't want to make adjustments blindly. Built on a Windows-based server.

## Deliverables

Message from SecurityMetrics: "SecurityMetrics has determined that KATILADY EVENTS is NOT COMPLIANT with the PCI scan validation requirement for this computer. The computer

**fails** because a risk of 4 or more was found."

I have updated Wordpress...but it didn't seem to make a difference (I just did that yesterday and ran test again afterward).

I can give you login info for the account so you can look at this more closely if you wish, if this is a job you are interested in.

Example violations:

"The remote web server contains several PHP scripts that are prone to SQL injection and cross-site scripting attacks. Description : According to its banner, the remote version of WordPress is vulnerable to various flaws which may allow an attacker to perform an HTML injection attack against the remote host or allow an attacker to execute arbitrary SQL statements against the remote database. See also : [[url removed, login to view] 84659][1] **Solution**: Upgrade to WordPress 1.2.2 or greater"

"The remote web server contains several PHP scripts that are prone to SQL injection and cross-site scripting attacks. Description : According to its banner, the remote version of WordPress is vulnerable to various flaws which may allow an attacker to perform an HTML injection attack against the remote host or allow an attacker to execute arbitrary SQL statements against the remote database. See also : [[url removed, login to view] 84659][1] **Solution**: Upgrade to WordPress 1.2.2 or greater."

"Description: Microsoft IIS Authentication Method Disclosed Severity: Area of Concern CVE: [CVE-2002-0419][2] Impact: An attacker could determine which authentication scheme is required for confidential web pages. This can be used for brute force attacks against known User IDs. Background: Microsoft IIS web servers support Basic and NTLM authentication. Determination of which authentication is used by a server may help with further intelligent attacks against the server or brute force password attacks. "

## Platform

Windows-based

Habilidades: Amazon Web Services, Engenharia, PHP, Gestão de projetos, Arquitetura de software, Teste de Software, Hospedagem Web, Gestão de Site , Teste de Website

Ver mais: www i force com, www force com, wordpress remote support, wordpress remote, php on iis, brute force solution, wordpress database settings, user settings, sql injection test, remote it management, remote computer help, my account settings, database management job description, remote php job, remote job php, vulnerable, sql server scripts, host project on, ftp client, flaws, attack s, impact force, php severity, user authentication banner, server ftp ssl

Acerca do Empregador:
( 28 comentários ) United States

ID do Projeto: #2973291

0 freelancers are bidding on average $ for this job

keithyox1

See private message.

$47.6 USD in 5 dias
(37 Comentários)
5.6