Last week, Tavis Ormandy from Google’s Project Zero discovered a huge problem in the security of CloudFlare‘s edge servers. He contacted the company and reported that corrupted web pages were returned by some HTTP requests run through the popular hosting provider. Below, we shed light on the problem as well as provide information on how to prevent Magento form the new bottleneck dubbed CloudBleed. Continue Reading
Magento 2 can be compared to a fortress when it comes to security, but there is still a room for improvement. Thus, you can enhance Magento 2 admin security, so malefactors will never still precise information about your ecommerce website and customers. The following post sheds light on vital improvements based on third-party Magento 2 security extensions which add extra protection layers to a default admin processes. If you also think that the default Magento 2 security must be enhanced, you’ve come to the right place.
There is already a post dedicated to Magento security patches in our blog. SUPEE-6482, SUPEE-6285, SUPEE-5994, SUPEE-5344, and others are described here: Magento critical security patches. And since it includes too much information, we’ve decided to create a new one which sheds light on the latest patch – SUPEE-8788. The new security improvement is vital since it fixes lots of vulnerabilities. Although most of them haven’t been utilized in attacks, it’s not the reason to ignore SUPEE-8788. Continue Reading
Recently, we’ve reviewed Extendware Anti-Spam Captcha – a tool designed to free your Magento website from spammers. This time, we’d like to draw your attention to another similar product – Bot Blocker. This Magento extension blocks bad bots and frees up server resources consumed by them. Hence, you get a faster store that exists without spam. Continue Reading
A new Magento malware has been discovered and it is a malicious script by
UPD (21.10.15) SUPEE-6788 will help you solve the Guruincsite issue
Thousands of Magento websites have been hacked recently. Luckily, there are several useful methods designed to fix the current problems. If your e-commerce website is insecure, then you should hurry up to prevent the undesirable consequences. If your store is affected, it is also important not to delay the solution of the problem. In the post below, we gathered all important information about Magento security issues, which will be useful in both cases.
Magento critical security patches SUPEE-5994, SUPEE-5344, SUPEE-1533 (Shoplift) (all official Magento security patches) Continue Reading
In this topic we’re going to cover such relevant issues that can come in handy to e-commerce businessmen or just people who are interested in the further e-commerce development. Consequently, let’s figure out what we should expect down the road.
Magento Community Edition 22.214.171.124 has ben released. It contains multiple improvements over older versions. 126.96.36.199 is a major release , so it’s very important not to miss it. In this post we will show you how to upgrade from previous Magento version to the new one. Don’t forget to try Magento CE 188.8.131.52 upgrade in a test environment. The operation is not risky, but there is always a chance to break something.
G good Magento optimized hosting is very important for making your ecommerce store fast and stable. In this article we’ve gathered 16 best solutions of 2015. Short descriptions, prices and dedicated links are provided.