Thinking|Think Rival

Blog
How to Improve Your Magento Security

How to Improve Your Magento Security

10599659 10153498657245995 4986095126532608633 nJustin Volpato | read time

    You can never be too safe when thinking about security for your online business. Hackers are clever, almost too much so. It's wise to be one step ahead, and plan for any unexpected activities. If your website is secure, your business will be trusted. Trust is the key to continuing positive customer relations and building on revenue.

    We have compiled a list of points to help keep your Magento e-commerce site safe and prevent (and to some extent, avoid) any security issues:

    • Keep updated with newest version and use patches- Magento fortunately gets updated at a consistent rate, with subsequent versions fixing issues those preceding. As soon as a stable release is available, test then implement it. You can also download security patches from the Magento website and using a scanner, test for vulnerability.

    • Use two-factor authentication- this process involves using both the Google Authenticator application and your smart phone to verify the session. When logging into Magento, you will need to enter a temporary security code (as each code is refreshed every 30 seconds, a hacker will be unable to login to your backend, even if they know your Magento password)

    • Don’t save your password on your computer- your browser may not be the safest place to store your password (browser password functionality is considered a weak spot). There are third party password management services you can employ (take a look here for some options - https://www.consumeraffairs.com/internet/password-managers/)

    • Use HTTPS – when data is sent across an unencrypted connection, there is a risk form data (e.g. login and credit card details) can be logged by hackers. To eliminate this possibility, you need to ensure you have a secure connection.

    • Be wise with your Magento password- ensure you include upper and lower case alphabets, numbers and special characters (e.g. ?, /, > etc) and don’t use your password for any other programs or websites

    If you would like to discuss all things security and how you can better manage your e-commerce site from online predators, get in touch with us today!

    Ready to start a project?

    BOOK A CALL