We have 3 Oscommerce sites that need security work to prevent hacking. All 3 sites have been hacked but have now been restored via backups and all are working although we worry that hackers will just go back in.
We will start with 1 site , then move into the other 2 sites if we can find the right person to assist us. (we always have lots of other Oscommerce work as well)
The following is required;
1) Rename the admin directory.
2) Add .htaccess protection to the admin directory.
3) Also add .htacess for protecting the catalog directory.
4) Also delete the admin/[url removed, login to view] and associated link of that file.
5) Also delete the admin/[url removed, login to view] file and it’s all links.
6) Apply cross-scripting prevention code (if required)
7) The sites also need to be thoroughly checked for hackers codes and files.
PLEASE do not apply for this job unless you can provide proof that you understand Oscommerce security issues and have performed similar tasks recently.