Website Security Auditor Recommendations Wanted

wrx7m

Hi,

One of our websites was hacked last weekend. I am still waiting for our web dev/design consultants to give a report on what transpired. However, I want to get recommendations for hiring a 3rd party to audit the sites to see what else should be done to help prevent this from happening again and to our other sites.

We are running Wordpress in AWS.

Anyone know of someone?

scottalanmiller

No auditor to recommend, I'm sorry. But definitely install WordFence and run its own scanning tool. They have paid options, too, right through the tool.

Sucuri is the big name in WP scanning. They offer remediation services.

wrx7m

@scottalanmiller said in Website Security Auditor Recommendations Wanted:

No auditor to recommend, I'm sorry. But definitely install WordFence and run its own scanning tool. They have paid options, too, right through the tool.

Sucuri is the big name in WP scanning. They offer remediation services.

Thanks. I'll check it out.

Obsolesce

I just came across this Plugin today:

https://wordpress.org/plugins/wp-security-audit-log/

I haven't tried it yet, and I don't know how well it audits files and detects changes like WordFence does.

I'm going to give it a spin sometime in the near future.

dbeato

YOu can also do a free test from Qualys
https://www.qualys.com/free-services/
https://www.qualys.com/community-edition/