Invoice

From:

Room 2202, 22/F,
Mega Trade Centre,
1 Mei Wan Street,
Tsuen Wan, New Territories

info@hazedawn.com
Tel: 91375571

Invoice Number h-i2020063491689
Invoice Date 02.04.2024
Total Due $64,000.00
To:
Global Technology Integrator Limited

Unit 3603-3609, 36/F, 1 Hung To Road, Kwun Tong, Kowloon, Hong Kong.

https://gti.com.hk

CodeIgniter and MODX Deployment Service

Vulnerabilities Enhancement

PO#BPO2024030163

Hrs/Qty Service Rate/PriceAdjustSub Total
1 CodeIgniter and MODX Deployment Service

Project Overview
This project involves the deployment of a web application using the CodeIgniter framework and MODX Content Management System (CMS), both of which are compatible with PHP 7.0.
The deployment will ensure the application is secure, scalable, and performs efficiently to meet the client's business requirements.

Objectives
To deploy a secure and scalable web application using CodeIgniter and MODX with PHP 7.0.
To ensure the application is optimized for performance and user experience.

Scope of Work
1. Preparation and Planning
Assessment: Evaluate the current infrastructure and application requirements.
Environment Setup: Prepare the development, testing, and production environments.

2. Development Environment Setup
Code Repository: Set up a Git repository for version control.
Local Development: Configure local development environments for the development team.

3. Deployment Architecture
Cloud Platform Selection: Propose an appropriate cloud platform on azure app service
Server Configuration: Configure servers to support PHP 7.0, ensuring compatibility with CodeIgniter and MODX.

4. Security Implementation
SSL/TLS Configuration: Implement SSL/TLS certificates for secure data transmission.
Data Protection: Apply encryption for sensitive data storage and transmission.
Security Hardening: Implement security best practices for PHP applications and server configurations.

5. Application Deployment
CodeIgniter and MODX Installation: Install and configure CodeIgniter and MODX on the server.
Database Configuration: Set up and configure the MySQL database for the application.
Application Configuration: Configure the application settings, routes, and necessary modules/plugins.

6. Testing and Quality Assurance
Functionality Testing: Test the application for expected functionalities.
Performance Testing: Conduct performance tests to ensure the application meets speed and responsiveness standards.
Security Testing: Perform security assessments to identify and fix vulnerabilities.

7. Launch and Post-launch Support
Application Launch: Officially launch the application to the production environment.
Monitoring: Set up application and server monitoring tools.
Support: Provide post-launch support and maintenance services for a defined period.

Deliverables
Deployed web application using CodeIgniter and MODX on PHP 7.0.

$42,000.000.00%$42,000.00
1 Vulnerabilities Enhancement

1.     SSL/TLS Certificates:
Replace weak hash algorithm certificates with stronger ones (e.g., SHA-256).
Configure the web server to use TLS 1.2 or 1.3 only, disabling older protocols.

2.     Security Patches:
Patch the application and server configurations to mitigate vulnerabilities such as XSS and PHP info exposure.
Apply recommended security configurations from the vulnerability scan reports.

3.     Security Hardening:
Follow best practices for Kubernetes security, including the use of secrets for sensitive data, role-based access control (RBAC), and network policies.

4.     Monitoring and Logging:
Set up Azure Monitor and log analytics to keep an eye on the application and infrastructure security.

5.     Compliance:
Ensure that all changes and configurations comply with the necessary standards, such as PCI DSS if applicable.

$22,000.000.00%$22,000.00
Sub Total $64,000.00
Tax $0.00
Total Due $64,000.00

*Cheques should be crossed and made payable to “Hazedawn Limited”
*Company bank account - Bank of China - 012-720-0-003526-8

Hazedawn Limited
FPS ID: 160462198