Magento Security Patch: SUPEE-6788

The Magento team have released a new security patch (SUPEE-6788) which addresses over 10 issues. Special care is required when installing this patch so read through the notes from the Magento team below and if you are unsure then please hire a professional Magento developer to help you out.

The Magento Team Bulletin

Dear Magento Merchant,

Today, we […]


How do you know when your Magento site is vulnerable?

Previously, I’ve discussed the need for keeping your website up-to-date with a website maintenance package to prevent breaches as hackers find new and innovative ways to challenge security systems. The more outdated your website, the greater the odds of potential threats to your system. I’m sure, by now, you’ve done what you can to address […]


GuruInc JavaScript attack on Magento stores

Security company Sucuri have just announced that they are seeing an increased attack on Magento stores. The attack is in the form of hackers injecting malicious scripts that produce iFrames from the website “guruincsite[.]com”.

To find out if your Magento store has been attacked and, if so, how to fix this security issue get in touch […]


Jumping Jack and the moving paragraphs

This is a problem that I see a lot on many different websites although it’s mainly ones which are heavy on advertising and social media plugins. As text generally loads much faster than images, and advertising is mainly images, you tend to see the text content of pages loading before the advertising and other graphics. […]


A security test for your Magento online store

If you are puzzled about all of the Magento security patches and best-practice server settings, and there are quite a few, then there is an easy check that you can do yourself that takes just a few minutes that will tell you whether your Magento store is secure. It doesn’t cover everything and you should […]


Magento Security: is your online store open to brute force attacks?

The forensic team at Foregenix has recently identified a number of cases where attackers use a brute force to gain full access to Magento stores.

These attackers were able to gain full access to Magento stores due to a combination of weak passwords and poor file system setup in the Magento directory, namely the www./downloader/.cache/community and […]


New Google logo, attention to detail

As much as I dislike Google as a company you have to give them credit for the amount of detail in their new Google identity. Some would say it’s ‘boring’ but their attention to detail runs much deeper than just visual. 305 bytes instead of their old logo at ~14,000 offers a much faster load […]


What are the perfect SSL settings?

Setting up a secure site isn’t just about adding an SSL certificate. It’s about securing your web server, keeping system software up-to-date, turning off server options that you don’t need, having a professional website built by a company who understands security and a lot of other considerations but you can go a long way with […]


Why do I need a website maintenance package?

This is a question I get asked a lot. Having just forked out for a website build, many feel a maintenance package is an unnecessary extra cost, however there are some very good reasons to consider them.

Your website is like a car; there may be no obvious break-in routes once it’s locked down, but thieves […]


Magento Patches & Security Test

There have been a number of security patches released lately for the Magento 1.x platform and for the general store owner it’s hard to know if you have these patches installed without the help of an experienced Magento developer.

Here’s a quick test which will tell you if they have been applied or not. You will […]