We have a number of websites both static and database driven which have been subject to script injection attacks. I am searching for somebody who is an expert in this and can evaluate the problem and help us work towards a long term solution. They are currently hosted on a plesk panel. Please give you experience in website security and experience in preventing script injection attacks. I am looking for someone who can both consult us in how to solve the problem and then work with us to implement the suggestions. Pay could be hourly or goal based.
Some of the following I would like to have implemented on our server:
1)Install a Mod_Security rule set -
2)Apache rebuilt to include Suhosin - [url removed, login to view]