Magento is one of the most popular eCommerce packages on the Internet today. Unfortunately, that also means it's one of the most attacked platforms. In this article, we'll discuss some simple steps you can take to help protect your Magento eCommerce store.
- Update Magento to the latest version. New attacks are continuously developed, and it's important to stay on top of your updates and all security patches.
- Use two-factor authentication for all admin logins. Using multi-factor authentication is critical for modern password security. Fortunately, this is built into Magento and just needs to be enabled.
- Change the path of your admin panel. Attackers are usually trying to gain access to your administrator login panel. Changing the path to something custom stops most of these attacks before they can begin! Changing your admin path is easy, as described by the Magento developers.
- Always use TLS to encrypt your traffic. Encrypting traffic to and from your website is critical for you and your customers. Always use a TLS connection with any website when transferring sensitive data.
- Maintain routine backups and test them. A backup can be the deciding factor between restoring your store and going out of business – we've seen it happen. Always maintain full backups of your Magento site.
- Use the proper hosting provider type. Choosing the right provider can mean the difference between secure and insecure. Make sure you choose the right hosting provider for your business, including one that's PCI compliant.
- Use a Web Application Firewall. Web application firewalls are an industry best practice used to stop breaches in their tracks. We recommend deploying a Web Application Firewall for all web applications, not just Magento.
- Use Magento scanning tools. Use a third-party scanning tool to look for issues with your Magento site. Magento operates its own, but you can find additional services from magescan.com and magereport.com.

Protecting your Magento site is about securing both your business and the finances of your customers. For more information on this topic, please reach out to us; we're here to help!