This guide outlines a multifaceted approach for improving the security of your Magento installation, with over fifty tips on the following topics:

Protecting the Environment

• Server, advanced techniques, and applications.
• Admin desktop 
• Magento installation

Developing a Disaster Recovery Plan
Conducting a Security Review

What to Do if Attacked

You can find Magento Security Best Practices in our user guides:

• Magento 1.x Community Edition
• Magento 2.x Community Edition
• Magento 1.x Enterprise Edition
• Magento 2.x Enterprise Edition

For the most current information, see Magento Security Best Practices in the Magento Security Center. While you're there, be sure to sign up for our Security Alert Registry.