I am looking for a team (DevOps and security specialist) that will conduct an audit for compliance with requirements.
447 USD Requirements:
1. Familiarize yourself with the recommendations for developers (Appendix 1) regarding the security
of the site and inform whether these recommendations can indeed provide a high
level of protection for the WordPress site.
2. Check the implementation of these recommendations on the current site.
3. If the recommendations described in Appendix 1 do not provide an adequate level
of protection, provide other recommendations, according to working with WordPress.
4. If the recommendations described in Appendix 1 meet the appropriate level
of protection, recommend to the client's team (in simple language) how we
can further improve the security situation. What to do? How often to check?
Provide advice regarding updates, etc.
Appendix 1. Security recommendations from the previous developer
"This is about Cybersecurity our capabilities:
Website protection complex:
1. Network level - Traffic filtering and DDoS protection
Cloudflare
● Hides the IP address of the main server - all requests go through Cloudflare,
attackers do not see the real IP
● Protects against DDoS - includes automatic captcha, slowing down suspicious IPs
-Filters traffic - blocks SQL injections, XSS, brute force, and suspicious user-agents
Traffic filtering on the server (Nginx/Apache)
● Limits the number of requests to /wp-login.php and /xmlrpc.php (Rate Limiting)
● Limits the number of connections from a single IP
● Blocks known bots and parsers
2. Access to the WordPress admin (/wp-admin)
IP-based login restrictions
● Access to the admin is allowed only from whitelisted IPs
Changing the admin URL
● Change the standard /wp-admin to a custom path (/mysecretadmin)
● Accessible only after entering a secret token
Two-factor authentication (2FA)
● Add a confirmation code via Telegram or Google Authenticator
● Even if the login/password are leaked, the attacker cannot log in
Can be implemented with custom code or use Wordfence 2FA.
3 Database - SQL injections and backups
Disabling remote access to MySQL
● MySQL listens only to local connections
Using secure SQL queries
Automatic backup creation
● Daily database backups
● Copying backups to a remote server or cloud
4. File system protection
Disabling PHP execution in uploads/ and wp-content/
● So that an attacker cannot upload and run a malicious PHP script
Disabling code editing from the admin
● Prohibiting changes to themes and plugins via /wp-admin
Monitoring file changes
● Running a script that checks if critical files have been changed
5. Failover (automatic switch to backup server)
● The site automatically switches to a backup server if the main one fails
● The database is replicated in real-time
● Everything happens transparently for users (without changing the domain)
How it works:
1-Main server (A) dies
2-Cloudflare DNS Failover automatically switches to server B
3-MySQL Replica switches to the new master
Implementation:
Cloudflare Load Balancer
MySQL Replication (Master-Slave)
rsync for file synchronization
6. Implementation of the "hybrid static site" logic
Main server (admin and content generation)
Runs on WordPress
Administrators manage content through /wp-admin
After updating the content, a script is triggered to generate static HTML pages
Frontend server (only HTML, CSS, JS)
Receives ready static pages from the main server
Located on another server (or CDN)
Does not contain WordPress, PHP, and databases
Works like a regular static site
Dynamic elements (feedback, search, cart, etc.)
● Implemented via REST API or GraphQL
● All forms and requests go to the API on the main server
Additional improvements
● API caching - via Cloudflare Workers or Nginx FastCGI Cache
● Static synchronization on schedule - once an hour/daily
● Moving search to a separate service
● Protecting the API with tokens - so that spammers do not send tons of requests
-
28 days447 USD
411 6 1 28 days447 USD
I will gladly consider your project! I have experience in DevOps and information security. Please provide more detailed information about the requirements and the purpose of the audit so that we can prepare an accurate proposal.
-
14 days447 USD
776 11 2 14 days447 USD
Good evening, I will conduct an audit of your website, provide recommendations for ensuring security, set up protection, and if necessary, I will provide a conclusion from a legal entity that fits the code. If you are interested, please write to me privately.
-
29 days603 USD
15075 32 0 1 29 days603 USD
Good day!
My name is Valentin, and I represent Arctic Web Agency. We are a team of experienced web developers specializing in creating modern and effective web solutions for businesses. I can provide examples of our similar work in personal messages. We are ready to take your project to work!
Sincerely,
Arctic Web Team
Freelancehunt
-
10 days447 USD
410 7 1 1 10 days447 USD
Hello,
Thank you for the detailed description, I would be happy to help with the implementation of the project. I am a Software Development Engineer with over 7 years of experience in creating various websites, SaaS solutions, complex web platforms, and MVPs for startups. In my portfolio, I have highlighted some of the projects I have developed.
My stack includes the following technologies and their frameworks: PHP (Yii2, Laravel, Symfony), HTML5, CSS3, JS (Vue.js, React.js), MySQL, PostgreSQL.
-
7 days469 USD
1616 8 0 7 days469 USD
Hello,
I am a developer in the field of AI/ML & WEB DEV. I can complete your project. Write to me, and we will discuss.
-
20 days447 USD
1251 3 0 20 days447 USD
Hello! I am the co-owner of a web studio specializing in the development of brochures, brand books, identity, logos, banners, creatives, websites of any complexity, CRM systems, Confidence Technology, as well as advertising setup and SEO promotion.
Our latest projects include design:
✔️https://sweet-sdpearls.de
✔️https://diamond-firms.com
✔️https://novobudova.pro
✔️https://stxtrade.com
✔️https://salehub2b.eu
✔️https://confidence-crm.com
✔️https://skyhigh-lviv.com
… ✔️https://ukrfix.com
✔️https://aquahub.org.ua
✔️https://boostylabs.com
✔️https://ol.zp.ua
✔️https://smt-industry.com
✔️https://butams.com
✔️https://emporio-sports.cz
Best wishes, Valentina
-
10 days447 USD
2161 4 2 10 days447 USD
👋Welcome!
We are Skillwave Global LLP — a team from the United Kingdom that helps businesses launch effective digital products: from websites and online stores to complex systems.
📈We approach each task individually — we create not just a beautiful website, but a tool that works for results: attracting customers, selling, and building trust.
✅What we offer:
• Full web development (Frontend / Backend / WordPress / CMS)
• UI/UX design in Figma with a focus on conversions
• Fast loading, responsiveness, SEO — by default
… • Support and development of the project after launch
💼We work transparently, officially, and results-oriented.
Ready to discuss your project and propose a concept in the coming days!
🙌Here are our works and reviews on them, you can learn more in the presentation!
Freelancehunt
Current freelance projects in the category Databases & SQL
Technical task: Dashboard on Dune AnalyticsStyle reference: dune.com/filarm/polymarket-activity Task Create a beautiful dashboard on Dune for our bot for Polymarket. There are no real data — everything is generated synthetically, but it looks logical and plausible. Main requirement The dashboard must work… Databases & SQL, Cryptocurrency & Blockchain ∙ 25 minutes back ∙ 2 proposals |
Work with BAS CORP
Hello! Currently, the following tasks need to be completed: Adjustment of the printed form in BAS KORP according to the client's parameters. Specifically, the task is not to display certain fields. Updating the classifier of professions in BAS KORP for a number of… Payment Systems Integration, Databases & SQL ∙ 12 hours 14 minutes back ∙ 7 proposals |
Need a 1C specialist for refinements and development.I am looking for a 1C specialist for freelance collaboration. I am currently working with a contractor who provides support and maintenance for the 1C system. However, due to the contractor's workload, there is a need for prompt execution of additional tasks, improvements, and… Databases & SQL ∙ 1 day 18 hours back ∙ 11 proposals |
Restoring Instagram after a banOn March 3, 2026, my Instagram was blocked due to a violation of rules. I believe there has been some mistake, as the page was personal with photos and videos of my personal trips. I did not post any comments anywhere. I have sent several appeals. I cannot download my files… Databases & SQL, Web Programming ∙ 2 days 5 hours back ∙ 4 proposals |
Eliminate the issue of incomplete data import from Excel files of Nova Poshta specifications into 1C:
45 USD
Goal: There is a processing in 1C for uploading the specifications of Nova Poshta. For unclear reasons, it has stopped loading some tabular data. We need to find the reason and eliminate the problem of incomplete data import from Excel files of Nova Poshta specifications into… System & Network Administration, Databases & SQL ∙ 5 days 12 hours back ∙ 16 proposals |
Vinnytsia