The figures speak for themselves. 78% of ecommerce websites are at risk of breach according to 60,000 scans on Magento sites carried out using Foregenix handy scan your website tool. The 78% of sites are missing critical patches where 5% are confirmed to have “harvesting malware stealing their customer details” according to the article.
The PCI council has stated that by the 30 June 2018 all SSL/early TLS encryption protocols should be disabled in favour of TLS 1.1 or higher
To provide further protection to our customers we will be actively scanning sites for the use of Direct Payment Method provided by Ebizmarts Sagepay suite and disabling these.
Black Friday and the long-term change in shoppers habits Barclay Card, who currently process nearly half of all UK debit and credit card transactions, stated there was a rise of 8% on 2016 spending during Black Friday. What these figure don’t show is a continuing shift in customers shopping habits with a decrease in people visiting stores and an increase in online sales.
New patch available for Magento: SUPEE-10570, Magento Commerce 220.127.116.11 and Open Source 18.104.22.168
In July 2018 Chrome will flag all NON-HTTPS pages as NOT SECURE.
Our Magento hosting prices are changing offering even greater value for money.
Magento: Upgrade or Patch Now
Magento has released new versions of Magento Commerce and Magento Open Source to increase product security:
Magento Commerce 22.214.171.124
Magento Open Source 126.96.36.199
SUPEE-10415 (patch for earlier Magento 1.x versions)
These releases contain multiple security changes that help close cross-site scripting and authenticated Admin user remote code execution vulnerabilities.
We strongly recommend that all merchants upgrade to these versions as soon as is reasonably possible.
Download and install the Magento Commerce updates by logging into My Account and navigating to the version you want to download.
More information about these security changes is available on the Magento Security Center. Full details are available in these release notes:
Magento Hosting Specialists
SUPEE-10266, Magento Commerce 188.8.131.52 and Open Source 184.108.40.206 contain multiple security enhancements that help close cross-site request forgery (CSRF), unauthorized data leak, and authenticated Admin user remote code execution vulnerabilities.
Installing a 3rd Party SSL
Looking back at developments in 2016
This simple meta tag can help resolve insecure or mixed content errors when moving to full site https
A number of customers are reporting similar emails all claiming that their cards have been fraudulently used
Access is locked. Please try again in a few minutes.. changes to Magneto Connect / downloader security model.
Magento 1 SUPEE-8788, Enterprise Edition 1.14.3 and Community Edition 1.9.3 address Zend framework and payment vulnerabilities and several other security enhancements
The time when all sites will require an SSL certificate is fast approaching.
Installing a small extension could double the response time of your magento 1,9x site.. for free
If you have not done so already please update all copies of Webforms Pro to the latest verison
A practical case study of AWS v Dx3
Magento 2 is firmly here This week Magento 2.1.0 was released passing that key .1 mile stone. After a few buggy releases this marks the point where Magento 2 is stable and ready for the real world