Laravel / PHP Website Malware Cleanup & Hardening Expert Needed

We are looking for an experienced Laravel/PHP security expert to fully clean and secure a compromised website hosted on Cloudways. ## Current Situation The website was hacked with: * Casino SEO spam injection * Google cloaking malware * Hidden PHP backdoors * Laravel persistence malware * Composer autoload injection * Googlebot-only spam pages Normal visitors see the correct website, but Google Search Console and crawlers were seeing casino spam pages. We already identified multiple malicious files including: * cloaking scripts * remote payload loaders * Telegram credential stealers * malicious autoload injections * malware stored in Laravel cache/database ## What We Need ### 1. Full Malware Cleanup * Remove all malicious PHP files/backdoors * Remove hidden persistence mechanisms * Clean Laravel cache/database malware * Clean vendor/composer injections * Clean .htaccess / .user.ini injections * Remove cloaking and redirect scripts * Remove SEO spam pages * Remove any cronjob persistence * Remove malware in `/dev/shm` ### 2. Laravel Security Audit Check and secure: * vendor/autoload.php * bootstrap/app.php * public/index.php * .env * storage/ * cache tables * Composer autoload chain * all uploaded plugins/packages ### 3. Hosting & Server Audit Check: * SSH access * Cloudways access logs * unknown users * FTP/SFTP accounts * cronjobs * file permissions * suspicious outbound requests * unauthorized API/webhook activity ### 4. Hardening * secure Laravel installation * patch vulnerabilities * disable dangerous PHP functions where possible * improve file permissions * malware prevention recommendations * WAF/security plugin suggestions * Google re-indexing readiness ### 5. Final Deliverables * website fully cleaned * confirmation no malware remains * list of infected files found * explanation of likely attack vector * report of all fixes performed * recommendations to prevent reinfection ## Important * This is a LIVE production website. * Please backup before changes. * Need someone experienced specifically with: * Laravel malware cleanup * PHP backdoors * SEO spam hacks * cloaking malware * Cloudways hosting * Composer/vendor infections ## To Apply Please provide: * past malware cleanup experience * examples of Laravel/PHP hacks cleaned * estimated timeline * approach you will take * whether you can also help with Google Search Console recovery