Skip to content
FREE WEBSITE SCAN

MAGENTO SECURITY INSIGHTS

Free Magento Cybersecurity Resources.

What do we know about Magento?

Well... quite a lot. We monitor the security posture of over 224,000 Magento websites across the Magento 1 and Magento 2 platforms.

Our forensic team helps a LOT of hacked Magento websites each year - much of our capability to detect threats comes from this experience.

We know how the criminals break in and steal data from Magento sites - Our mission is to protect small and growing businesses from criminals - through information, education and our technologies.

What are the stats?

Download our latest report at the link below (scroll down for previous reports).

Download July's Report
Receive Email Updates
Foregenix-Logo-Magento-Colour

Over 125,000 websites are still on Magento 1

1,250 Magento sites are having their customer payment data stolen right now

25% Magento 2 websites are High/Critical Risk

Enter your email address to receive Magento Security Advice and report updates

We will not share your email and will only send you report updates and related security advice. You may unsubscribe by clicking the unsubscribe link on each email.

Start your journey to a safe Magento website here:

1

Update your password regularly

This is age-old advice - so we wouldn't suggest it if it wasn't critical. Read our blog for advice on how to choose a safe password. Multi Factor Authentication will provide even stronger protection - a low-cost but highly effective security control.
2

Change your Admin Path URL

This is the URL you and your team use to log in to your website. All Magento websites by default use the same variation of URL, and if an attacker finds your admin page, they have a far better shot at gaining access to your website. In fact... it's easy to break in, unless you have security in place to protect your site.
3

Monitor the accounts which are accessing your website's backend

Never share accounts. Run regular audits on admin accounts - keep admin access to a minimum. You should know who has access to your website. If accounts are logging in at unexpected hours, this could be a sign that an attacker has compromised the account.
4

Check your recently changed files - are they genuine?

Many compromises involve files being added or changed on a website. Take a look at your change log for any suspicious file activity - who made those changes, were they planned, are the files legit?
5

Scan your website regularly for indicators of compromise, malware

Using an external malware/IOC scanner, such as WebScan for occasional on-demand scans - or sign up for our FGX-Web Lite service for daily external scans delivered to your inbox - can give you a quick and simple insight into the security posture of your website.

Both WebScan and FGX-Web include historic data so that you can track changes to your Risk Score over time.

Monitoring & Protecting your website

Get started with FGX-Web today

icon

MONITORING
  1. Market-Leading Threat Detection
  2. £2,500 Breach Protection Warranty
  3. Live chat/email support
GET IT NOW

icon

MONITORING & PROTECTION
  1. Market-Leading Threat Detection & Protection
  2. £10,000-£50,000 Breach Protection Warranty
  3. Live chat, email and telephone support
CONTACT US
Our Previous Website Security Reports

Magento Website Security Report

Download 17th May 2021 >
Download 30th April 2021 >
Download 5th April 2021 >
Download 22nd March 2021 >
Download 8th March 2021 >
Download 22nd February 2021 >
Download 8th February 2021 >
Download 25th January 2021 >
Download 11th January 2021 >
Download 28th December 2020 >
Download 14th December 2020 >

Migrating to Magento 2 - All You Need to Know

Foregenix-Blog-Atatomy_Of_A_Magento_Attack_Froghopper_2019_03_21

Being such a popular e-commerce platform makes Magento...

READ MORE
Protect Your Magento Website

Foregenix-Emails-Newsletter_December_Magento_2019_03_27

Key Magento security tips to help you protect your website.

READ MORE
Supporting the Magento Community

Foregenix-Blog-Atatomy_Of_A_Magento_Attack_Froghopper_2019_03_21

Magento websites have been the target of criminal activity because...

READ MORE

Speak with us

Cyber Insurance is Important

Security may not totally eliminate the risk, so taking out an appropriate insurance policy is a critical part of mitigating risk in online businesses. We’re happy to link you with insurance brokers who understand the problem. 

Foregenix-FGX_Web-Cyber_Security_Seal2