Category: Magento
-
SUPEE 11155 – MAGENTO SECURITY UPDATE
Supee-11155 has now been released. This update offers a range of security updates that help close remote code executions (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities. This is an important update given the range of security issues addressed. Patches and upgrades are available for the following Magento versions: Magento Commerce […]
-
WORKING WITH MULTIPLE PHP VERSIONS ON CLI / COMPOSER
There are a few reasons why we built our hosting solution around Plesk. 1) It is extremely light weight. Essentially its only function is to provide a front end for configuring nginx / apache / php. That is it. There are no other over heads. 2) It is extremely flexible. You can specify any version […]
-
ENABLE PHP 5.6 ON UBUNTU 18.04 / PLESK 17.8
Ubuntu 14.04 reaches end of live at the end of April 2019. So OS upgrades will be at the top of a lot of sysadmin TODO lists right now. While Ubuntu 16.04 will be supported till April 2021 most will be looking to jump to Ubuntu 18.04 which be now be supported for TEN YEARS […]
-
PATCH: SUPEE-11086
Magento Commerce 1.14.4.1 and Open Source 1.9.4.1. Contains multiple security enhancements that help close remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities. Available for: Magento Commerce 1.9.0.0-1.14.4.0 (supee-11086 or upgrade to Magento Commerce 1.14.4.1) Magento Open Source 1.5.0.0-1.9.4.0 (SUPEE-11086 or upgrade to Magento Open Source 1.9.4.1) Information for all […]
-
MAGENTO RELEASES AND SECURITY UPDATES MARCH 26TH
The release of Magento 2.3.1 is to include the Page Builder content editing tool, inventory and performance enhancements as well as developer and security updates. Updated versions of Magento 1, 2.1 and 2.2 are to be made available on the same day. Page Builder Exclusive to Commerce 2.3.1. No coding required to design and build […]
-
MAGESTORE LOCATOR EXTENSION: CRITICAL VULNERABILITY
The Magestore Locator extension version 1.0.2 (and earlier versions) that could result in unauthorised access to sensitive information. Magento has urged customers running Magestore Locator extension to disable it or block requests and request/implement an update from the extension developer. Magento has had reports that the extension has been exploited. In particular users should have their […]
-
POST-PURCHASE: DELIVERY
Post-Purchase: an undervalued opportunity? Your customer has hit that buy button and your job has only just started. Communication When managing and growing an eCommerce store, providing delivery choices and keeping your customers up-to-date during the process can lead to a better relationship and return business. As we know, acknowledging an order and providing a tracking […]
-
AUTHORIZE.NET DIRECT POST ENDING SUPPORT FOR MD5 BASED HASH.
Authorize.Net: support ending for MD5 Authorize.net will stop supporting MD5 based hash usage on March 14. Magento implements the Authorize.Net Direct Post payment method, using Authorize.Net’s AIM (Advanced Integration Method) and DPM (Direct Post method) APIs, which use MD5 based hash. Authorize.Net will stop supporting MD5 based hash tag on March 14. This issue affects all Magento […]
-
MAGENTO 2.3: ELASTICSEARCH SUPPORT INCLUDED
Hidden in the release notes of Magento 2.3, under Other Improvments we find: “Elasticsearch support for Magento Open Source version. Elasticsearch support was previously provided in Magento Commerce only.” So what does this mean? It translates to, anyone with a dedicated or VPS (cloud) server can request Dx3Webs to install Elasticsearch. What is Elasticsearch It […]
-
SPAM USERS: HOW TO PREVENT SIGN-UPS
Magento stores have witnessed an increase in SPAM user registrations. Originating from multiple IP addresses these attacks can easily overwhelm a small Magento store even when paired with a WAF. There are additional defences against such attacks that can be quickly and easily implemented. Block IPs This can be a short time fix. However, these […]