• Projects 3
  • Rating 5.0
  • Rating 1 130

Budget: 1500 UAH Deadline: 3 days

Good day! I have already cleaned such stories — WP, where a doorway was uploaded and generated pages were piled up. The main thing here is not to sweep the pages but to find out how they got in; otherwise, it will be the same in a week.

If I were doing it for you:
1. I take a copy of the files and a database dump, looking in read-only mode to avoid erasing traces.
2. I search for recently modified files, web shells, eval/base64 injections, rogue mu-plugins, tasks in wp-cron, foreign admins in wp_users, foreign strings in options, .htaccess, and nginx configs.
3. I compare plugins and the theme with clean sources — the vulnerable component is usually the entry point.
4. I clean or help rebuild from clean files, then rotate all keys and passwords and list what to close to prevent recurrence.

Access: SSH (preferably a separate key for this task), site files, and a database dump on the dev server. I will also quickly check the old working site for indicators — both could have been affected.

  • Projects 90
  • Rating 5.0
  • Rating 3 847

Budget: 4200 UAH Deadline: 3 days

👋 Hello! I'm ready to start working right now.
I clearly understand the task and have successful experience in implementing exactly such projects (examples are in the reviews). I will complete the task quickly and without unnecessary questions.
SSH access ✅
I will check everything thoroughly and point out any issues✅
For an additional fee, I will fix the problems✅
Let's discuss the details and get started! 🚀

  • Projects 34
  • Rating 5.0
  • Rating 2 259

Budget: 3000 UAH Deadline: 2 days

Hello.

I have significant experience in incident response and hardening Linux servers (Nginx + PHP-FPM). I am ready to help you completely clean up the project and prepare it for a secure release.

  • Projects 9
  • Rating -
  • Rating 536

Budget: 7500 UAH Deadline: 3 days

Good day! I have experience with WordPress security and understand that removing a doorway without eliminating the entry point is freezing, not healing.

Here’s how I approach such incidents: first, I take a snapshot of the files and database (I don’t delete anything), then I correlate nginx logs with the date the doorway appeared, check the mtime of files, search for web shells, mu-plugins, eval/base64 injections, foreign admins in wp_users, and external entries in wp_options. At the same time, I compare plugins and themes with clean versions - the vulnerable component is usually the entry point.

After identifying the root - I either clean or rebuild from clean sources, rotate all passwords and keys, and provide a specific hardening list for your stack (nginx + PHP-FPM + WireGuard). I am ready to describe what access will be needed and work with it safely.

  • Projects 3
  • Rating 5.0
  • Rating 1 540

Budget: 3500 UAH Deadline: 1 day

Good day!

The brief is clear. I work in the logic of "first the entry point, then the cleanup" — because removing a doorway without addressing the root cause = repeated hacking. I have experience in incident response on WordPress (nginx + PHP-FPM): doorway/spam injections, web shells, mu-plugins, backdoors in the database.

What I will do:
1. Snapshot of the state (files + database + logs) for evidence, without deleting anything.
2. Entry point: correlation of nginx logs with the appearance of the doorway, checking vulnerable plugins/themes, compromised accounts, find by mtime.
3. Cleanup of backdoors: file shells, mu-plugins/dropins, injections in the database (wp_options autoload, hidden admins, wp_posts), cron jobs.
4. Clean site: rebuilding core/plugins from official sources, custom — after verification, rotating passwords and keys.
5. Hardening: DISALLOW_FILE_EDIT, banning PHP in uploads (nginx), 2FA, limiting wp-login/xmlrpc, fail2ban, minimal DB user rights.

Andrey K.
1 284 1
  • Projects 1 288
  • Rating 5.0
  • Rating 97 666

Budget: 5000 UAH Deadline: 2 days

Hello. I have extensive experience with WordPress. I am ready to remove the virus and find the cause.

  • Projects -
  • Rating -
  • Rating 399

Budget: 6000 UAH Deadline: 3 days

Hello.

I can take on the diagnostics and cleaning. In such cases, you should start not with deleting generated pages, but with finding the entry point: files, mu-plugins, cron, database, users, nginx/PHP-FPM logs, access rights, plugins/theme.

After the check, I will either clean the current build or suggest what is better to transfer from clean sources. I will provide a brief report on what was found, what was deleted, how they likely gained access, and what needs to be closed before the release.

  • Projects 26
  • Rating 4.3
  • Rating 838

Budget: 1500 UAH Deadline: 3 days

I would look for an entry point (I think I know where and how to search). The measures you have taken are correct. Let's see, I will try to handle your task. I am working on the "weekend."

  • Projects 16
  • Rating 5.0
  • Rating 891

Budget: 4000 UAH Deadline: 3 days

Good day. I have experience in healing WordPress sites, identifying and closing vulnerabilities, including in plugins and themes. Write to me, and we will discuss everything in detail.

  • Projects 4
  • Rating 5.0
  • Rating 512

Budget: 8000 UAH Deadline: 3 days

Good day.

I have extensive experience working with WordPress, including legacy projects and security audits.

In your case, the main task is not just to remove the doorways, but to find the root cause of the compromise. I will check the installed plugins and theme, server logs, access rights, accounts, cron jobs, mu-plugins, possible backdoors in files and the database, as well as mechanisms for re-entry.

I would also like to highlight the transfer of data from the old site and all custom integrations through which vulnerable or compromised files could have entered.

For the work, SSH access, database access, and preferably nginx/PHP-FPM logs for the period before the incident will be needed.

  • Projects -
  • Rating -
  • Rating 516

Budget: 15000 UAH Deadline: 7 days

Hello, tok24ua!

To fully understand the situation, please clarify:
1. Do you have backups of the site before the attack?
2. What plugins and themes are used on the site?
3. Were there any changes or updates made before the hack?

My approach:
1. First, I analyze all logs and files for suspicious activity to identify the entry point.
2. I remove all backdoors and malicious files, check the database for injections and unnecessary accounts.

  • Projects 38
  • Rating 5.0
  • Rating 2 365

Budget: 3000 UAH Deadline: 5 days

Good day, to start, access to the WordPress admin panel, if it is still opening, and access to the server to check the logs and settings. Then we will see. Either a vulnerability in some plugin or on the server itself.

  • Projects 103
  • Rating 5.0
  • Rating 4 998

Budget: 2000 UAH Deadline: 1 day

Hello, Yuri.
I work with WordPress constantly — every project is confirmed by client reviews.
I will do exactly what is described, plus I will show how to manage everything through the admin panel.

Final price/time after all clarifications.

Profile: Freelancehunt
Reviews: Freelancehunt

  • Projects -
  • Rating -
  • Rating 702

Budget: 4000 UAH Deadline: 3 days

Hello! I am ready to help. I have experience fixing issues on websites. I offer quality and fast work. Feel free to write.

  • Projects 67
  • Rating 5.0
  • Rating 12 793

Budget: 5000 UAH Deadline: 3 days

Hello! I will complete your task quickly and efficiently. It is necessary to review the code of the entire project.

My recent works
https://indexfast.pp.ua - fast website indexing
https://mono-bank.pp.ua - everything about Monobank
https://mamamia.pp.ua - online store
https://programist.pp.ua/ua/portfolio/ - portfolio of works
https://monitortest.pp.ua - monitor testing
https://keytest.pp.ua - keyboard testing
https://pctest.pp.ua - computer testing

  • Projects 80
  • Rating 4.9
  • Rating 2 844

Budget: 2200 UAH Deadline: 1 day

Hello. Ready to get started now!
Treatment and protection of websites!

Experience in treating and protecting websites for 10 years.
More than 2000 websites treated!!!

What I will do:
1. Remove viruses, completely clean the site.
2. Close vulnerabilities.
3. Update your CMS. Set up security.

Proposals concealed

The list does not show proposals concealed by the client or freelancer with a Plus profile, as well as proposals violating rules

Current freelance projects in the category Web Programming

18:55
17:48
16:42
16:06