Hi,
Only Mumbai based Developers are requested to contact.
My domain has been attacked by malware & the payment page has been altered. I want to increase the security of my website by working over the following -
1) Update Magento Security Patches.
2) File & Folder Structure Permission to Read & Write.
Ensure files and folders are not writable by anyone else except you by changing your file permissions to 644 and folders to 755. If you see any that are 777 or 666, fix them immediately.
find . -type d -exec chmod 775 {} \;
find . -type f -exec chmod 664 {} \;
3) Check & Remove Existing Malwares & Code the domain for optimum security.
4) Check Magento admin and other login details & delete fake login ids.
5) Check the payment method & make it working (Cash on delivery / Payment Gateway Operation). This page was hacked & the hacker kept receiving Card Details.
6) Disable Directory Indexing.
7) Disable Dangerous PHP Functions -
following rule to your [login to view URL] file: disable_functions = proc_open,phpinfo,show_source,system,shell_exec,passthru,exec,popen
8) Change the /downloader/ path
9) Secure [login to view URL] file
10) Restrict Admin Access to only approved IP Address
11) Install 2 Factor Authentication by Rublon.
12) Change Admin Path - Instead of our current path having admin login page be at [login to view URL], you can change it to something different - For Eg. [login to view URL]