Magento Security Insights

Free Magento Cybersecurity Resources

 

What do we know about Magento?

Well... a lot. Our software monitors the security profile of over 300,000 Magento websites across the Magento 1 and Magento 2 platforms.

Our forensic team helps a LOT of hacked Magento websites each year - much of our capability to detect threats comes from this experience.

We know how the criminals break in and steal data from Magento sites - Our mission is to protect small and growing businesses from criminals - through information, education and our technologies.

 

What are the stats?

Download our latest report at the link below (scroll down for previous reports)

Download 19th October Report Sign Up To Receive Email Updates
Foregenix-Logo-magento-logo
 

Nearly 180,000 websites remain on MAGENTO 1

91% Magento 1 websites are High/Critical Risk

30% Magento 2 websites are High/Critical Risk

ENTER YOUR EMAIL ADDRESS TO RECEIVE THE REPORT UPDATES

We will not share your email and will only send you report updates and related security advice. You may unsubscribe by clicking the unsubscribe link on each email.

 

START YOUR JOURNEY TO A SAFE

MAGENTO WEBSITE HERE.

1

Update your password regularly

This is age-old advice - so we wouldn't suggest it if it wasn't critical. Read our blog for advice on how to choose a safe password.  Multi Factor Authentication will provide even stronger protection - a low-cost but highly effective security control.  

2

Change your Admin Path URL

This is the URL you and your team use to log in to your website. All Magento websites by default use the same variation of URL, and if an attacker finds your admin page, they have a far better shot at gaining access to your website.  In fact... it's easy to break in, unless you have security in place to protect your site.

3

Monitor the accounts which are accessing your website's backend

Never share accounts.  Run regular audits on admin accounts - keep admin access to a minimum. You should know who has access to your website. If accounts are logging in at unexpected hours, this could be a sign that an attacker has compromised the account.

4

Check your recently changed files - are they genuine?

Many compromises involve files being added or changed on a website. Take a look at your change log for any suspicious file activity - who made those changes, were they planned, are the files legit?

5

Scan your website regularly for indicators of compromise, malware

Using an external malware/IOC scanner, such as WebScan for occasional on-demand scans - or sign up for our FGX-Web Lite service for daily external scans delivered to your inbox - can give you a quick and simple insight into the security posture of your website. 

Both WebScan and FGX-Web include historic data so that you can track changes to your Risk Score over time.


MONITORING & PROTECTING YOUR WEBSITE

Get started with FGX-Web today

MONITORING

1. Market-Leading Threat Detection

2. £7,500 Breach Protection Warranty

(normally £2,500)

3. Live chat/email support

 

Get It Now

MONITORING & PROTECTION

1. Market-Leading Threat Detection and Protection

2. £10,000-£50,000 Breach Protection Warranty

3. Live chat, email and telephone support

 

Contact Us

MAGENTO RESOURCES

Our Previous Website Security Reports

Magento Website Security Report

Download 5 October 2020 >
Download 21 September 2020 >
Download 7 September 2020 > 
Download 24 August 2020 > 
Download 10 August 2020 > 
Download 27 July 2020 > 

Migrating to Magento 2 - What You Need to Know

Foregenix-Blog-Atatomy_Of_A_Magento_Attack_Froghopper_2019_03_21

Being such a popular e-commerce platform makes Magento an attractive target for hackers...

READ MORE

What Can You Do To Protect Your MAGENTO Website?

Foregenix-Emails-Newsletter_December_Magento_2019_03_27

Here's our key Magento security tips to help you protect your website: 


 

READ MORE

Supporting the Magento Community

Foregenix-Blog-Atatomy_Of_A_Magento_Attack_Froghopper_2019_03_21

Magento websites have been the target of criminal activity because of the way [they] are being managed...

READ MORE

Cyber Insurance is Important

Security may not totally eliminate the risk, so taking out an appropriate insurance policy is a critical part of mitigating risk in online businesses. We’re happy to link you with insurance brokers who understand the problem. 

Foregenix-FGX_Web-Cyber_Security_Seal2