Magento website security
According to the Magento website, Magento is the world’s #1 commerce platform and is now used globally by around 260,000 merchants with a reach of over 51 million digital commerce consumers.
Many home and small businesses have chosen Magento as their preferred commerce platform because of the low price (free) , great templates available and active user forums offering advice and support to shop owners. It is indeed a great platform for anyone thinking of starting an online shop.
MAGENTO WEBSITE HACK?
Having a website hacked or defaced is extremely stressful for any business owner, but for a digital commerce owner – it can be catastrophic. Loss of revenue can cause financial issues with many small businesses unable to afford a few days downtime. On line reputation/brand damage , if serious enough can destroy the customers trust and inevitably the business itself. Everyday ‘in your face;’ hacks and defacements however although serious enough are nothing in comparison to the new silent enemy of shop owners – the data breach. A data breach or compromise is the silent but deadly enemy of any on line business. They are now a daily occurrence with some of the largest sites being shown in the news to have leaked customer details to hackers who now understand the value of data, and sell this information on. Uber, Carphone Warehouse, Equifax have all been subject to data breaches and also the corresponding fines.
As a shop owner, you are responsible for keeping your customer data protected. The new GDPR legislation being rolled out within Europe will make website owners liable for the data they collect. With huge fines being levied for data breaches, it is imperative that site owners protect their websites. Failing to do so will now carry a heavy cost.
FREE MAGENTO SECURITY PLUGIN
Magento does have a number of ‘out of the box’ security features, but hackers adapt and if you have any bespoke code in your site – you are most likely vulnerable. The good news is that we have a great free of charge Magento extension – SharkGate FileMonitor
Its main features include:
– Email notification of any files added or modified on the website.
– Scheduled Scans – Setup a schedule for the file modification check times (Hourly, Four Times a Day, Twice Daily and Daily).
– Manual Scans – Ability to request an immediate check for any recently modified files.
– Option to exclude specific files and folders from any scans (for example a cache folder, an error log files, etc
– Option to exclude specific file extensions from any scans (for example .txt, .css, etc)
This is a great tool you can add to your Magento installation which will offer some extra protection. It’s easy to use and only takes a moment to install. Give it a go!
We also suggest protecting your site using a firewall that blocks hacking attempts and data breaches. The importance of this was already discussed here but do contact us if you would like to learn more on this topic as we do offer a custom developed SharkGate™ firewall.