Researchers at Foregenix highlight a large number of Magento sites are at risk.
A look at a range of third party scans, a useful free resource.
A look at MageCart a card skimming toolkit and the latest Content Security Policy HTTP response header.
Mobile phone sales are increasing but cart abandonment remains an issue.
Black Friday weekend is fast approaching leading us to look at some of the best practices.
A look at the support stages of each PHP release.
Magento 1 receiving support confirmed until June 2020.
New Magento hosting packages.
We have always prided ourselves on offering the best performance to cost ratio in Magento hosting. To continue and move forward we have updated our packages enabling Dx3Webs to offer a fantastic increase in disk space, bandwidth and where applicable, RAM, at a very modest price increase.
Official PHP 7.2 patch released for Magento 1.
A recent hack was discovered to have targeted Paypal, changing the API credentials allowing the thieves to receive payments.
In a bid to diversify Adobe has purchased Magento for $1.68 Billion from private equity firm Permira who made its purchase in 2015 from Ebay.
Magento has continued to be the leading platform in eCommerce with estimates suggesting it is implemented in 1 in 4 online businesses. With the release of Magento 2 in 2015 the development team aimed to ensure its popularity as the leading eCommerce platform.
Varnish Cache is a web application accelerator also known as a caching HTTP reverse proxy. It is installed in front of any server that speaks HTTP and configured to cache the contents. The user puts in a request which first goes to the Varnish server and if no cache exists would pass straight though to the end server. If cache is held in Varnish memory the page is delivered substantially faster than having the server process everything again on disk. Varnish is a magnitude faster than relying on only Magento’s cache alone.
Site secured, a random generated login password, firewall in place and even a Web Application Firewall installed, security all taken care of. All except one other factor, the ever increasing presence of phishing scams.
Here at DX3Webs we focus on providing the best hardware setup giving you the ideal platform to meet your needs. With a focus on the speed of your site our servers are high specification to enable a quick responsive experience for the end user. Carefully chosen hardware can only do so much, and it must be paired with the correct software to get the most out of it. Magento 2, at time of writing, fully supports PHP 7.0 and 7.1., here we look into why you should be giving serious consideration into migrating.
Security, security, security.
As covered in our recent blog online security is more important than ever. When running a bricks and mortar shop you would know to never leave the shop unattended, to lock the door and drop the shutters on a night and set the alarm. Online shops are the same and although the various forms of security are different (patches, firewalls) they have the same purpose, to protect your business. One of the more advanced means of securing your website is a Web Application Firewall (WAF). This is a solution whose function is to monitor, filter and if necessary, block, any HTTP/HTTPS traffic to and from the end users server. Essentially your firewall prevents non-HTTP/HTTPS attacks while the WAF would also prevent malicious or unwanted HTTP/HTTPs data allowing only safe traffic through to your server.
The figures speak for themselves. 78% of ecommerce websites are at risk of breach according to 60,000 scans on Magento sites carried out using Foregenix handy scan your website tool. The 78% of sites are missing critical patches where 5% are confirmed to have “harvesting malware stealing their customer details” according to the article.
The PCI council has stated that by the 30 June 2018 all SSL/early TLS encryption protocols should be disabled in favour of TLS 1.1 or higher
To provide further protection to our customers we will be actively scanning sites for the use of Direct Payment Method provided by Ebizmarts Sagepay suite and disabling these.