Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

megento secuty

SOLVED
Go to solution
‎06-13-2019 07:08 AM
‎06-13-2019 07:08 AM

megento secuty

Hello,

The website is LOW after the security scan!

I cannot upload the PDF there is nothing

Here: Pictures

 

Thanks

Jacky

Labels:
0 Kudos
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
‎07-04-2019 08:24 AM
‎07-04-2019 08:24 AM

Re: megento secuty

Magento 2 Security patches

The best advice is to fix your Magento 2 security issues immediately after a new update is released. This way you will be protected against known vulnerabilities.One more thing about installing Magento security patches. Bear in mind that some Magento 2 security patches are harder to install than the other. Always use a separate environment to test-patch your Magento store before you install the patch on you live website. This way you can speed up patch deployment and avoid interruptions to your business.

 

Remove Unnecessary User Permissions

Magento 2 Admin Panel is the source of more trouble than anything else. Even a limited access to the Admin Panel opens up to the malicious users a sea of possibilities to hack into the store.

The Panel is full of critical issues that can be exploited if the hacker is knowledgeable enough: leaking of credit card details, hijacking of full admin privileges, malware injection, etc.


Get Rid of Unused Magento 2 Extensions

We’ve already mentioned this tip in our speed guide. Well this tip is extremely important for Magento 2 e-commerce site security, too.

 

For more details refer: https://magento.com/security/best-practices/5-immediate-actions-protect-against-brute-force-attacks

View solution in original post

Reply
2 REPLIES 2
‎07-04-2019 08:24 AM
‎07-04-2019 08:24 AM

Re: megento secuty

Magento 2 Security patches

The best advice is to fix your Magento 2 security issues immediately after a new update is released. This way you will be protected against known vulnerabilities.One more thing about installing Magento security patches. Bear in mind that some Magento 2 security patches are harder to install than the other. Always use a separate environment to test-patch your Magento store before you install the patch on you live website. This way you can speed up patch deployment and avoid interruptions to your business.

 

Remove Unnecessary User Permissions

Magento 2 Admin Panel is the source of more trouble than anything else. Even a limited access to the Admin Panel opens up to the malicious users a sea of possibilities to hack into the store.

The Panel is full of critical issues that can be exploited if the hacker is knowledgeable enough: leaking of credit card details, hijacking of full admin privileges, malware injection, etc.


Get Rid of Unused Magento 2 Extensions

We’ve already mentioned this tip in our speed guide. Well this tip is extremely important for Magento 2 e-commerce site security, too.

 

For more details refer: https://magento.com/security/best-practices/5-immediate-actions-protect-against-brute-force-attacks

Reply
‎07-08-2019 08:34 AM
‎07-08-2019 08:34 AM

Re: megento secuty

Hi,

I put the key but I cannot connect the backup magento.

I lose access to the Admin.

Do I need to go to Terminal to disable ?

Capture d’écran 2019-07-08 à 17.16.40.png

php bin/magento msp:security:tfa:reset <username> <provider>
0 Kudos
Reply