Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

mail_open
is there a extension for magneto website security ( Anti Hacking ) ?
Avatar
Krishna Kanth

Excellent
July 16, 2014 - 7:30 am
Member Since: June 19, 2014
Forum Posts: 70
sp_UserOfflineSmall Offline

is there a extension for magneto website security ( Anti Hacking ) ?.
or please provide us the tips to keep the site secure in a shared hosting.

Avatar
Matthew Ogborne

Founder
July 16, 2014 - 8:51 am
Member Since: July 18, 2013
Forum Posts: 4565
sp_UserOfflineSmall Offline

Hi Krishna,

Security is almost always common sense.

1. Limit the number of extensions being used and the ones that you do use are not using encrypted source codes
2. Change your admin URL (video here Securing your Magento Admin panel)
3. Use a CDN so that when you do get attacked, that you have some ability to cope with it (video here)
4. Use strong passwords for ALL accounts – https://strongpasswordgenerator.com/ and change them frequently. Consider an extension like this one for two factor logins.
5. Restrict user access to sections that they only need
6. Have a remote backup schedule in place that is tested and works
7. If using Magmi, use the UE version that has password protection and also consider this extra step
8. Keep an eye out for security updates on the Magento site here http://www.magentocommerce.com…..ease-notes

And so on…

Hope that helps.

Matt

PS. We personally do the majority of those where needed.

"Selling an item online is easy, but making living from a business that sells online, well that’s something different entirely!"

Ultimo Magento Theme

Avatar
Krishna Kanth

Excellent
July 20, 2014 - 10:32 am
Member Since: June 19, 2014
Forum Posts: 70
sp_UserOfflineSmall Offline

hi does any body tried ?
https://www.sitelock.com/
with M2e Installed. please advise

Avatar
Dave Furness

Founder
July 21, 2014 - 10:55 am
Member Since: July 19, 2013
Forum Posts: 4606
sp_UserOfflineSmall Offline

Neither myself or Matt have used this extension with UnderstandingE so far, so can’t comment.

Dave

Every expert was once a beginner

Avatar
Jim @ Moogento
Global

Partner
July 28, 2014 - 11:48 am
Member Since: November 7, 2013
Forum Posts: 688
sp_UserOfflineSmall Offline

The recommendations there are good, and I think focused on frontend access. It’s also a good move to secure SSH access.

One of the first things I do when setting up a new Magento install is to get Fail2Ban running. A good rundown is here:
http://feross.org/how-to-setup…..ur-linode/

I set that up on a site recently and blocked something like 35,000 IPs the first day.

I’ve also developed this anti-spam plugin (*free of charge – get it here!). This doesn’t attempt to stop hacks, but stops spammers actually sending spam comments, and leaving spam reviews. This is something which usually stays quiet for a while, and then suddenly you have 5000 spam reviews in a day, and 50 spam comment form submits – NoMoreSpam! will stop most of that.

You can also look at making some kind of double-edged honeypot for frontend attempts. There’s a 2-pronged approach, banning IPs from robots that claim to be a search engine but are not, and blocking robots that don’t respect your robots.txt rules. This significantly reduces server bandwidth usage.

  • pickPack - smarter Magento packing sheets and warehouse picklists
  • shipEasy - process multiple orders with no sweat & get a visual sales overview easily

Avatar
Jim @ Moogento
Global

Partner
August 17, 2014 - 5:46 am
Member Since: November 7, 2013
Forum Posts: 688
sp_UserOfflineSmall Offline

Quick update, we just released an update (still free!) to NoMoreSpam!.

Basically what this does is add in more checks to the default Magento basic anti spam stuff (which are easily, and often, circumvented by spammers).

It now should check for spamming to the newsletter signup form, it has some custom code to work with custom contact forms, and makes more checks to product review submissions. Oh, and it also can check the ‘Create Account’ form for spammy submissions.

If you ever get spam messages via your contact form, or have hundreds of pending spam product reviews, this is for you!

  • pickPack - smarter Magento packing sheets and warehouse picklists
  • shipEasy - process multiple orders with no sweat & get a visual sales overview easily

Avatar
Dave Furness

Founder
August 17, 2014 - 7:20 pm
Member Since: July 19, 2013
Forum Posts: 4606
sp_UserOfflineSmall Offline

Thanks for sharing Jim! Great extension

Dave

Every expert was once a beginner

 

Why Should You Join UnderstandingE?

 
  • Access to over 500 step-by-step video tutorials
  • +20 video courses available
  • Magento, M2E Pro, Magmi, eBay, Amazon & Design all covered
  • Everything is in 100% Plain English
  • Learn how to build your own multi-channel software for eBay & Amazon
  • Access to the community forums, meet fellow business owners like yourself

Join Now with 2 Clicks

 

Join now for less that £1 per day you can gain access to over 400 step-by-step video tutorials & learn how to build your very own multi-channel software.

 

Forum Timezone: Europe/London

Most Users Ever Online: 1012

Currently Online:
16 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Jim @ Moogento: 688

Steve Froggatt: 514

Badeth - UE: 513

Jimbob: 453

Paul Cartwright: 414

Forum Stats:

Groups: 6

Forums: 37

Topics: 5222

Posts: 27488

Administrators: Matthew Ogborne: 4565, Dave Furness: 4606