Security Notice for Magmi Product Importer

securityThe Magmi product importer is used by many Magento stores to quickly and easily import a large number of products.  Unfortunately, a recent security vulnerability has been found in Magmi that can allow an attacker to upload malicious code if the Magmi installation is publicly available. This could allow the attacker to gain credit card information or other confidential data from your store. If you use Magmi, we strongly recommend that you remove the code from any publicly accessible directory immediately to limit your risk to this vulnerability. Below you will find instructions for securing access to Magmi using Apache/Litespeed and Nginx.

(more…)

Securing Magento’s Admin Dashboard

magento_securityThe Magento Admin Dashboard is the gateway into the core of your eCommerce store, so it is important that you protect this gateway from intruders and malicious activity. Fortunately, you can lock down the Magento Admin Dashboard by just using a few simple modifications.

 

(more…)

Routine Magento Maintenance

magetipThis blog post is intended to explore the importance of routine Magento maintenance. Keeping your Magento store clean and maintained is an important step to ensuring that your store performs as optimally as it can regardless of the platform you host it on. This also ensures that, should something happen with your store, you are well equipped to handle it. Below are some simple tasks you can take to make sure you are getting the most out of your Magento store. These tasks are available in your Magento administration panel under System-> Configuration -> Advanced -> System. For these tasks to work, you must have your Magento Cron set to run. For instructions on how to do this, please see our previous blog post on enabling the Magento Cron.

(more…)

Magento Maintenance Mode

magetip

Magento 1.4 and newer allows the ability to set your site in “maintenance mode” by creating a blank ‘maintenance.flag’ file in the document root of your webserver (public_html). This is ideal if you need to take the public site offline for developmental changes. The downside to doing this is that you also lose access to the site, which can make checking site changes difficult. By slightly modifying the index.php code, we can change this behavior to maintain access to the site for certain IP addresses. This would allow the site developer, for example, to maintain access while presenting the maintenance page to all other visitors.

(more…)

Manually Disabling a Magento Extension

Magento TipsSometimes a Magento module may break the frontend and/or backend of the site. When this happens, you will not be able to disable the module from the Magento admin area. Fortunately, it is not only possible but also fairly easy to manually disable the extension or module in question to restore site functionality.

(more…)

Share

  • Recent Posts

  • Archives