If you are running an eCommerce site, you must read this now: very soon in February 2017 any non secure page will produce a nasty warning for users! The warning will say Your connection to this…
12 No-Brainer Security Tips for Running a Secure Magento Server7:00 am
Recently we have been getting a flood of calls from distressed Magento store owners with compromised servers. As a result we compiled a comprehensive list of security tips on running a secure Magento environment. Some tips are basic but still it is worth mentioning it here sine I have seen so many cases were the basics are not covered properly. Like any other eCommerce application residing on a web server, Magento needs to be secured and one will be surprised how often these basics mistakes are done on live production servers.
Security Tip: Disable the HTTP TRACE method in Apache10:57 am
If you are running a multi-million dollar eCommerce site you may want to make sure that the HTTP TRACE method is disabled. By default this method is enabled in Apache, and if enabled it allows for Cross Site Tracing Issue and potentially giving the option to a hacker to steal your cookie information from a specific website so later they can impose as you.