We have a small 40Gb VPS (Centos 5.x) installed with Virtualmin Pro with a handful of websites on it. The project is for a security check for any existing compromises, and for server hardening including configuring (or installing) any open source tools, and to ensure the backups to a NAS are working correctly from Virtualmin Pro. Any changes are to be documented.
The server went slow yesterday, with two of the Wordpress sites becoming unresponsive (Error 500). Virtualmin was also inaccessible. Around the time a suspicious user mingleforum registration occurred (email address) on one of the two wordpress sites, despite the 'mingleforum' plugin being disabled earlier that day.
I restarted the VPS server at the console (without network connected) via VSphere to look at the logs, and there are numerous login attempts, but I cannot see anything obvious. I rebooted the VPS and it appears to have come up normally with the websites apparently working - however I have shut it down again until this project is completed.
The server has APF (Advance Policy Firewall) and BFD (Brute Force Detection). These may be out of date or not configured properly.
I am looking for somebody that can communicate well and clearly by email.
In your bid, I will be looking to see if you take the time to comment on the project detail rather than just a standard response. This project may lead to more ongoing work for the right person. Due to time zone issues (we have to sleep), we have a preference for applicants from UK, Ireland and European Union.
Thank you for taking the time to read the project, and I look forward to working with you!