Make Website PCI DSS Compliant

*** Only bid if you have successfully made at least 3 other websites PCI Compliant, and you can provide references***

My ecommerce website needs to be made PCI Compliant to be approved to process credit cards on the website

My website is on a 1and1 Virtual Private Server. There is also another website on this server.

[url removed, login to view] performed a scan on both domains which failed.

Issues it failed on:

- web server autoindex enabled

- OpenSSH 4.3 is vulnerable

- The remote web server contains a PHP script that is prone to an information disclosure attack

- Possible cross site scripting

- The remote service encrypts traffic using a protocol with known weaknesses

- The remote service supports the use of weak SSL ciphers

- The remote service supports the use of medium strength SSL ciphers

- SSL server accepts SSLv2 protocol

- The remote service supports the use of anonymous SSL ciphers

- Apache ETag header discloses inode numbers

- SSL server accepts weak ciphers

- The remote service encrypts traffic using a protocol with known weaknesses

I will provide the winning bidder with full PCI Scan reports for both domains from Security Metrics, outlining all the issues in more detail

I will release payment once I perform a second PCI Scan and it passes

Server Software: CentOS 5 with Parallels SB

Skills: Apache, Computer Security, PHP, System Admin, Web Security

About the Employer:
( 1 review ) Manchester, United Kingdom

Project ID: #1258464

Awarded to:


Certified Linux System Administrator and Security Advisor ready to work. Have worked with SecurityMetrics several times before. I can start right away. Regards. Nick.

£200 GBP in 5 days
(187 Reviews)

7 freelancers are bidding on average £214 for this job


Hi, good day. Thanks for the invite. Expert in making sites and servers PCI DSS compliant. Ready to start the work right away. Awaiting selection and escrow. Regards [url removed, login to view]

£250 GBP in 2 days
(54 Reviews)

please check pm.

£250 GBP in 0 days
(61 Reviews)

Hi! Check your pmb pls.

£200 GBP in 2 days
(12 Reviews)

Experienced Linux Admin and Security expert. Worked with SecurityMetrics, McAfee Secure and ControlScan before. Please check PM for references.

£150 GBP in 3 days
(28 Reviews)

I can help you with the PCI compliance checks. I have made over 20 websites PCI compliant on CentOS servers as a part of my daytime job.

£200 GBP in 2 days
(11 Reviews)

Hi, Please Read your PMB for Clarification and if you accept them, we will start over.

£250 GBP in 10 days
(0 Reviews)