Magento has been working with the team at Byte.nl to report and alert users on the progress of patched and vulnerable sites. It's a free tool Byte has made to the public. It's simple for non-tech folks as well. They also offer some remediation advice.
Has anyone found this useful? www.magereport.com
Thought it would be worth sharing!
Jep we use it all the time. It is a quick and easy tool to check your site. Down to earth. And easy for non technical people too. How else do you expect a store owner or director to be "certain" that they are safe. I think it is an excellent solution! However I would somehow protect its use behind a magento login (on the other hand this makes it difficult for the store owner or director again to access it.) Also you do not want certain bad guys to use it for the wrong cause so they can find hacking targets easily.
Magereport is probably the best online tool we have for Magento out there.
It's free, it helps you secure your Magento store, it provides security check for some of the most used 3rd party modules and it's super easy to use.
So yeah, I use it on my own Magento websites. When I discover a new Magento website, I run it on MageReport (just in case I ever need to buy something on it).
Security is the first thing on the list of things you wanna get right when building a e-commerce store so MageReport is definitely a must have to me.
> Magereport is probably the best online tool we have for Magento out there.
Same opinion here. We add all the stores we maintain to our Magereport profile. When we are asked whether we want to take over maintenance for a merchant, we check the store with Magereport to get a first impression even before we get access to the codebase etc. It's easy to miss something when you do the check yourself so it makes sense to rely on something that is tested properly.
I too use it to analyse that the site is patched or not if I do not have code access. It is very helpful for the non technical users and simple to use.
But some times it does not show correct results.
For some of the patches for the sites it shows We were unable to conclusively check your shop. The check might have been blocked by other emergency measures you, or your provider, have taken.
Some times when I scan a magento site it shows following message
Error checking example.com
example.com is returning "No Magento installation found"
Though I tred with the correct magento site url ( I mentioned example.com just as dummy url )
Usefull? Very usefull! A must have tool for the community
You definitely should support this tool.
We use it almost every day. The checks are very useful and are specific developer-targeted checks. Byte also provides information on how to handle the outcome when it's not positive. The developers behind Magereport are very responsive when you find bugs or problems in the checks, making the platform increasingly robust.
A neat trick that not many people know is the hamburger menu icon top left. This will show you a list of all the checks that do not have positive outcomes. You can quickly see which checks are not okay for which shops instead of clicking through each shop to see which notifications are there.
Also, the email alerts are great. Gives me a peace of mind.
Magereport saves us a ton of time!
Yes, MageReport is a great tool to check the security of your shop. It's easy also for non-tech users to use it and see how good your shop is rated and secured.
It's very up to date and does not only include official Magento security patches, but way more checks for malware and other things.
A must have tool for all Magento developers, agencies and merchants!
I Just check my magento 2.1.6 website in magereport.com it shows "www.example.com is returning No Magento Installation Found" please help me to solve is there any issues on it