Seeking a seasoned WordPress security developer to combat spam registrations and bot attacks on a UK-based e-commerce site. The ideal candidate will have expertise in WordPress security, PHP, and modern anti-spam techniques. Strong communication and problem-solving skills are essential.
Key Highlights
Key Responsibilities
Technical Skills Required
Benefits & Perks
Nice to Have
Job Description
Location: Remote (Open to applicants in EU, Eastern Europe, and Australia )
Engagement Type: Contract (Hourly or Fixed-price - negotiable)
Start Date: Immediate
We manage a UK based prescription drug e commerce site built on WordPress. For over a decade, the site has been flooded with spam user registrations despite using multiple plugins (mobile verification, math challenges, CAPTCHA, etc.). Spam accounts continue to bypass these measures, as shown in the attached screenshot. We need a developer who can think like an attacker , identify the loopholes, and implement a robust, long term solution .
Tasks
- Audit the current WordPress registration and login flows, including all security plugins and custom code.
- Identify how bots are circumventing existing protections (e.g., API abuse, headless browsers, plugin vulnerabilities).
- Develop and implement advanced anti spam measures tailored to the site's architecture (e.g., custom challenges, behavior analysis, honeypots, rate limiting, or integration with third party services like Cloudflare Turnstile).
- Ensure the solution is lightweight, user friendly for genuine customers, and maintainable.
- Provide documentation and a brief hand off to the client.
Requirements
- Proven experience with WordPress security, specifically combating spam registrations and bot attacks.
- Strong PHP and WordPress development skills (themes, plugins, hooks, REST API).
- Familiarity with modern anti spam techniques (CAPTCHA variants, JavaScript challenges, IP analysis, browser fingerprinting, etc.).
- Ability to reverse engineer how bots work and test your own solutions.
- Portfolio of similar projects - please include links or descriptions of past work where you successfully reduced spam or secured a WordPress site.
- Excellent communication in English (written and spoken).
Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.
Nice to Have(s):
- Experience with e commerce platforms (WooCommerce) and membership sites.
- Knowledge of server level security (e.g., fail2ban, ModSecurity) and CDN configurations.
- Contributions to WordPress core or security plugins.
Benefits
- 100% remote - work from anywhere in your timezone.
- Flexible hours - focus on delivery, not clock watching.
- Direct collaboration with the client - no middlemen, no bureaucracy.
- Impactful work - solve a decade old problem that actually matters to the business.
- Potential for ongoing work - if results are strong, there may be additional security projects.
Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.
To apply, submit the following:
- Resume / CV highlighting relevant experience.
- Portfolio of similar anti spam or WordPress security projects (links or PDF).
- Cover letter (optional but encouraged) - briefly describe your approach to diagnosing and solving spam issues like the one described.
Deadline: Applications reviewed on a rolling basis. We're looking for someone who can start within a week.
#WordPressSecurity #AntiSpam #BotProtection #WordPressDeveloper #WPExpert #CyberSecurity #SpamPrevention #PHPDeveloper #WooCommerceSecurity #RemoteWork #EUDeveloper #EasternEuropeTech #AustraliaTech #ContractWork #WordPressHiring #TechJobs #NoFluff #StopSpam #LoginSecurity #WPDevelopment
Similar Jobs
Explore other opportunities that match your interests
Security Engineer - Red Team
insider one
Manager, Enterprise Hardware Asset Management
First American
