cancel
Showing results for 
Search instead for 
Did you mean: 

RSS Security

RSS Security

Magento has a built in frontend rss feed for customer orders via /rss/sales/orders that is blocked via page auth which seems open to brute force attacks?

Also if I was to use the same function for access via frontend to fetch other system data ( customers list etc)

Is this good practice to have frontend single login access for this output?