How to achieve maximum Magento security with patches and a set of key safety measures
The open-source nature of Magento is two-faced, isn’t it? On the bright side, we have a possibility to continuously expand the functionality and implement business ideas going beyond the given set of features. However, security vulnerability stands on the dark side and makes the Magento development team keep their eyes open for possible breaches. Having identified a system weakness, they spring into action immediately and come up with a security patch to prevent the damage.
The notion of Magento security patches must be familiar to all merchants who have chosen this platform for their ecommerce business as monitoring the Security Center and timely installing released updates is the first step towards a trouble-free website with a wealth of effectively protected sensitive customer data. To underline the importance rather than to frighten, we have prepared a list of security issues that could hit businesses had it not be for the latest patch released for Magento 2.
Magento 2.2.3, 2.1.12 and 2.0.18 security update
Just like people take health for granted until it is good, merchants may start taking Magento security seriously only when they face an issue and experience its dire consequences. That’s a bad example to follow, so here are possible problems that have been prevented with the latest Magento security patch.
Administrator account takeover
We begin with this issue as it implies critical financial risk for customers – taking over administrator privileges, malicious actors can steal customer payment data. The latest Magento security patch addresses the following types of hacker attacks.
Hackers may inject a malicious script in a Magento application getting illicit access to web store administering. The identified security gaps are:
- Customer-controlled information like registration forms
- Downloadable products
- Shipment tracking
- Detailed rating
- Product attribute group name
- Private sales events and invitations
- RMA functionality
- Newsletter templates
- Website Name or Store View Name settings
- Product attributes
- CMS hierarchy
- Custom variables
Remote code execution via media upload
There is a path traversal vulnerability appearing during image or media upload. Hackers could exploit it to execute code remotely under administrator privileges.
File inclusion vulnerability in customer view leads to hackers getting access to arbitrary files in the file system while a weakness in the import history jeopardizes critical system control files.
Merchants need to be particularly cautious about information safety as they store lots of sensitive customer data. Once compromised, they will hardly recover their reputation and customer trust. The Magento development team has come up with certain improvements in this regard in the latest security patch. Previously:
- A common web server misconfiguration could not only affect Magento speed but caused a more serious issue – a threat of sensitive data leakage.
- Hackers could get unauthorized access to other websites hosted on the same platform.
- Weak protection checking could result in privilege escalation or information disclosure.
Magento system disruption
A malicious script in a customer address field could trigger a denial-of-service attack. Though not involving information theft or unauthorized access to system control, this kind of intrusion comes at a high cost for merchants. Not only do they have to settle the issue, but they also lose revenue while the web store is unavailable for customers.
Failure to promptly stop suspicious activity
Magento didn’t log out a user automatically after they changed the password. Though seemingly convenient and time-saving for admins, it poses a potential threat to security. Let’s say, there are two sessions running simultaneously. Noticing some suspicious activity, the first user changes the password. Without terminating the current session on all devices, this protective measure will have no effect. But with the Magento security patch covering this vulnerability gap, users can react instantly at the first signs of compromised activity.
A set of measures to maximize the security
Still, Magento security patches can’t ensure the highest level of protection as they address only detected vulnerabilities. Merchants need a much more complex approach to stand guard over the security of their storefront. We have prepared a list of aspects one should focus on to stay calm about their Magento installation.
Safe environment. Prioritizing the security of the environment is one of the most valuable recommendations we could give. Not only Magento, but any software installed on the server matters as the weakest component can let the rest down.
- With the Apache web server, Magento uses .htaccess files to safeguard system files. Using a different server calls for additional checking of their protection. For example, recommended Nginx configuration sample is available in Magento 2 codebase (nginx.conf.sample).
- Only secure communication protocols like SSH, SFTP or HTTPS are appropriate for managing the files.
- One needs to restrict access to cron.php file.
Protected file system. Magento allows limiting access to production mode to prevent unauthorized interference. Administrators should set file system permissions with umask.
Protected admin panel. There is a set of preventive steps merchants can take to cut off access to the admin panel of their web store. They should:
- Change the admin login path from the default “admin” or “backend” to a custom one.
- Set user permissions to personalize access to the information.
- Use the two-factor authentication extension to protect access with a security code generated by admin’s smartphone.
- Whitelist specified IPs.
- Generate a strong password and change it regularly.
Reliable extensions. Aiming to expand Magento functionality, merchants turn to ready-made extensions. The problem is that their quality can hit Magento security really hard. Having Magento support team auditing and evaluating the quality of extensions, merchants can save themselves from possible issues.
Regular security audits. Making security checks a routine, one always has a comprehensive picture of the website security. Besides, merchants can use free Magento Security Scan Tool to early identify security risks and prevent unauthorized access.
Incident response plan. A good understanding of how to behave if a website was compromised gives merchants a head start in dealing with consequences. The first two steps they need to make before determining the nature of the attack are blocking access and backing up the website so that criminals could not continue the intrusion or remove the evidence.
To sum it up
Staying responsible for customer private data, ecommerce players can’t afford being carefree about security. Magento does its best to promptly cover detected gaps with patches but only a multifaceted approach to security can prevent criminals from breaking into your web store. We hope that we have outlined the plan on how to minimize the risk of hacking and keep your business out of danger.