VHjD76rJPFUdrLp9aMufj6CAZXIPFT
Magento

Important Tips to Keep Your Magento Store Secure and Running

4 min read By: Minal Joshi

24 February, 2012

Important-Tips-to-Keep-Your-Magento-Store-Secure-and

Are you concerned about the security of your Magento store? Magento offers great many built-in features to keep your website safe and secure and avoid any security breach. Following are certain tips that you can follow in order to make sure your Magento store is safe and sound.

1 ) Choose a Password Difficult to Guess

When it comes to choosing your store’s admin password it must be chosen wisely. I usually choose the password from my surrounding, making it easy for me to remember as well. To ensure that your password is secure make it lengthy by adding as many characters as possible which are not only letters but punctuations and numbers too.

2 ) Keeping Scripts Updated

Magento being an open source new versions of it are introduced now and then. Thus you need to keep the scripts up-to-date as older versions of the open source applications can make your website more vulnerable to hackers.

Make sure to take a backup of your website before upgrading in case new version can either cause loss of some functionality or can cause your website to crash.

3 ) Close E-mail Loopholes

In case you have forgotten your admin password Magento has a feature that allows you to reset your password. In order to reset the password you need to be aware to the email address/account associated with the account. Next you need access to that respective email account to retrieve the new password.

For optimum security, first of all you need to choose an address that is not publicly known. Secondly, don’t disclose your password to anybody. Thirdly, make you’re your email account has a security question that allows for password reset. It is a great way to avoid security breach in your store.

4 ) Use of Secure FTP

Cracking the FTP passwords is the most common way by which a site gets hacked. To prevent unauthorized and anonymous access to your sites FTP, use strong passwords with SFTP or use FTP-SSL.

5 ) Updating Plug-Ins and Extensions at Regular Intervals

If you have any plug-ins or extensions in your website, make sure to keep them up-to-date, as old versions might make your website vulnerable to hackers. Also don’t forget to take a back up before upgrading your plug-ins or extension for safety purpose.

6 ) Limit Access in .htaccess File

Did you know that you can prevent users from unidentified IP Addresses from accessing your site’s admin area, simply by making some changes in .htaccess file. Place the following code in the .htaccess file in order to block access to all IP Addresses except the specified ones.

EX:

AuthName “Protected Area”
AuthType Basic
order deny,allow
deny from all
allow from 11.111.111.11 (note the ip addresses can be modified as per requirement)
allow from 22.2
</limit>

“allow from 11.111.111.11” blocks the specific IP address 11.111.111.11
“allow from 22.2” blocks a range of IP addresses beginning with 22.

7 ) Use a Custom Admin Path

By default, the path of your Magento admin panel is-site.com/admin. Using the default path for your Magento store means that anyone can snoop around and crack your password. By using a different code than the default you can prevent hackers to get hold on your password. This will assure that your store remains protected.

8 ) Don’t Use Your Magento Password for Other Accounts

This is the most common mistake people tend to do. Never use your Magento password for any other account as it will be very beneficial to the hackers. Finally it’s up to you whether you want to encourage hackers or drive them away.

9 ) Don’t Save Passwords On Your Computer

Most browsers today offer the option of saving passwords for convenience as such you do not need to enter your password every time you access your account. This is nice most of the time but can be a problem when it comes to security. Anyone having access to your computer can have access to the confidential data. To avoid unidentified access to your data, simply set your browser to never save it.

10 ) Keep Your Anti-Virus Software Updated

Computer viruses and Trojans can risk the security of your website or store. To limit this it is advisable to invest in good anti-virus software and keep it updated.

we have a team of dedicated Magento developers who are committed to offer you a safe and secure Magento store for your business.

magentoMagento DevelopersMagento Store

Minal Joshi is a content marketer at Krish with a flair for eCommerce and Digital Commerce aspects. She is a MarTech fanatic with a knack of writing with which, she helps brands to curate, create, & commence digital brand positioning. Sharing insights via articles, case studies, eBooks, Infographics, and other forms of content creation is what she lives for. Being an ardent traveler, when not writing, you'll find her sipping coffee into the mountains or petting a stray.

Trusted by leading brands

We are an antidote to boring commerce

Let's Get Started


  • By submitting this form you agree with the terms and privacy policy of Krish

    Meet us at the !


    • By clicking “Submit”, you consent to allow us to send you communications.

      Talk to us!


      • By submitting this form you agree with the terms and privacy policy of Krish

        Schedule A Meeting


          • Schedule Date

          • 2 November3 November


        • By submitting this form you agree with the terms and privacy policy of Krish

          Schedule a 30 Mins No-Obligation Consulting Session


          • By submitting this form you agree with the terms and privacy policy of Krish

            Schedule a 30 Mins No-Obligation Consulting Session


            • By submitting this form you agree with the terms and privacy policy of Krish

              Schedule a 30 Mins No-Obligation Consulting Session


              • By submitting this form you agree with the terms and privacy policy of Krish

                Schedule a 30 Mins No-Obligation Consulting Session


                • By submitting this form you agree with the terms and privacy policy of Krish

                  Schedule a 30 Mins No-Obligation Consulting Session


                  • By submitting this form you agree with the terms and privacy policy of Krish

                    Schedule a 30 Mins No-Obligation Consulting Session


                    • By submitting this form you agree with the terms and privacy policy of Krish

                      Schedule a 30 Mins No-Obligation Consulting Session


                      • By submitting this form you agree with the terms and privacy policy of Krish

                        Schedule a 30 Mins No-Obligation Consulting Session


                        • By submitting this form you agree with the terms and privacy policy of Krish

                          Schedule a 30 Mins No-Obligation Consulting Session


                          • By submitting this form you agree with the terms and privacy policy of Krish

                            Schedule a 30 Mins No-Obligation Consulting Session


                            • By submitting this form you agree with the terms and privacy policy of Krish

                              Schedule a 30 Mins No-Obligation Consulting Session


                              • By submitting this form you agree with the terms and privacy policy of Krish

                                Schedule a 30 Mins No-Obligation Consulting Session


                                • By submitting this form you agree with the terms and privacy policy of Krish

                                  Schedule a 30 Mins No-Obligation Consulting Session


                                  • By submitting this form you agree with the terms and privacy policy of Krish

                                    Let's Get Started


                                    • By submitting this form you agree with the terms and privacy policy of Krish.

                                      Schedule A Demo

                                        • Select Accelerator Type

                                        • B2BB2CMarketplace


                                      • By clicking “Submit”, you consent to allow us to send you communications.

                                          Download Corporate Profile

                                          Please fill out the form below to download.

                                          • By submitting this form you agree with the terms and privacy policy of Krish.

                                          Let's Talk


                                          • By clicking “Submit”, you consent to allow us to send you communications.

                                            Let's Talk


                                            • By clicking “Submit”, you consent to allow us to send you communications.

                                              Adobe Commerce Feature List

                                                Please fill out the form below to download the feature list.


                                                By submitting this form you agree with the terms and privacy policy of Krish.

                                              • Let's Talk Growth



                                                • By submitting this form you agree with the terms and privacy policy of Krish

                                                  commercetools Feature List

                                                    Please fill out the form below to download the feature list.


                                                    By submitting this form you agree with the terms and privacy policy of Krish.

                                                  • Let's Talk Growth!


                                                    • By submitting this form you agree with the terms and privacy policy of Krish

                                                      Claim Your Audit Now!


                                                      • By submitting this form you agree with the terms and privacy policy of Krish

                                                        Claim Your Audit Now!


                                                        • By submitting this form you agree with the terms and privacy policy of Krish.

                                                          Let's Get Started


                                                          • By submitting this form you agree with the terms and privacy policy of Krish.

                                                            Unlock the Full Potential of Adobe Commerce (Magento).
                                                            Talk to our eCommerce expert today!


                                                            • By submitting this form you agree with the terms and privacy policy of Krish.

                                                              Migrate to Adobe Commerce (Magento 2) to Experience Limitless Commerce. Talk to Our eCommerce Experts Today!


                                                              • By submitting this form you agree with the terms and privacy policy of Krish.

                                                                Get Certified Magento Experts for Your Adobe Commerce Support Needs. Talk to Our eCommerce Experts Today!


                                                                • By submitting this form you agree with the terms and privacy policy of Krish.

                                                                  Scale High with Award-winning Adobe Gold Solution Partner Agency. Talk to Our eCommerce Experts Today!


                                                                  • By submitting this form you agree with the terms and privacy policy of Krish.