How Healthy Is Your Magento Store?

I have received an email from Sam asking me to add a link to her website:
How Healthy Is Your Magento Store?

As security is important, I am sharing below an extract of her blog article:

Offering a dynamic shopping cart experience together with content and functionality management, Magento is a complete solution for your open source ecommerce requirements.

With an effortless and user friendly architecture, Magento includes all essentials, defining a comprehensive online store. Easy to install and convenient to add plugins, it’s a preferred choice for big and small businesses alike.

Effective management of your Magento store brings an imperative accountability to maintain its health and privacy at all times. While it’s important to keep your Magento store safe, a sustained focus on your business and user experience is more significant from a long-term perspective.

The below infographic amply illustrates the symptoms that you must keep an eye on while administering your Magento store. As you concentrate on the primary reasons for your slow running store, it helps you to drive measures towards fixing them and retaining the much needed store performance.

User experience can further be amplified by following some plain rules that have now become vital rather than just being defined as add-ons.

You can continue reading on Sam’s blog: How Healthy Is Your Magento Store?

Some advice I can also give you:

  • Install Magento security patches.
  • Install system patches.
  • Check the source code of any module you are installing. There may be base64-encoded code.
  • Check your Magento logs frequently.
  • Use strong passwords.
  • Do backups. I have two backups per week uploaded to another server.
  • Run Magento under Docker.
  • ….

For example, today there are remote attackers trying to get information:

2016/04/11 07:27:52 [error] 3775#0: *306897 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET //app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/11 07:27:52 [error] 3775#0: *306906 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET /sales/guest//app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/12 05:42:28 [error] 3774#0: *308226 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET //app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/12 05:42:29 [error] 3774#0: *308235 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET /sales/guest//app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/12 11:00:30 [error] 3773#0: *308693 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET //app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/12 11:00:31 [error] 3773#0: *308702 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET /sales/guest//app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/13 03:48:17 [error] 3774#0: *311109 access forbidden by rule, client: 198.1.64.72, server: photos-art.pro, request: "GET //app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/13 16:01:03 [error] 3775#0: *312069 access forbidden by rule, client: 131.253.38.67, server: photos-art.pro, request: "GET /BingSiteAuth.xml HTTP/1.1", host: "photos-art.pro"
2016/04/14 06:42:45 [error] 3774#0: *313718 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET //app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/14 06:42:46 [error] 3774#0: *313727 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET /sales/guest//app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/14 16:14:18 [error] 3774#0: *314283 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET //app/etc/local.xml HTTP/1.1", host: "photos-art.pro"
2016/04/14 16:14:19 [error] 3774#0: *314292 access forbidden by rule, client: 37.187.143.124, server: photos-art.pro, request: "GET /sales/guest//app/etc/local.xml HTTP/1.1", host: "photos-art.pro"

This IP address was banned:

# grep 37.187.143.124 /var/log/fail2ban.log.1 
2016-04-09 05:55:42,599 fail2ban.actions: WARNING [nginx-404] Ban 37.187.143.124
2016-04-09 15:55:43,051 fail2ban.actions: WARNING [nginx-404] Unban 37.187.143.124
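
One way to summarise this kind of probing from the nginx error log, as an added example that is not part of the original post: it counts denied requests for app/etc/local.xml per client and lists the clients that came back on several days. The sample log lines are constructed (documentation IP addresses, example.com), and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the nginx error-log format shown above
# (documentation IP addresses and example.com, not real values).
SAMPLE_LOG = """\
2016/04/11 07:27:52 [error] 3775#0: *1 access forbidden by rule, client: 203.0.113.10, server: example.com, request: "GET //app/etc/local.xml HTTP/1.1", host: "example.com"
2016/04/11 07:27:52 [error] 3775#0: *2 access forbidden by rule, client: 203.0.113.10, server: example.com, request: "GET /sales/guest//app/etc/local.xml HTTP/1.1", host: "example.com"
2016/04/12 05:42:28 [error] 3774#0: *3 access forbidden by rule, client: 203.0.113.10, server: example.com, request: "GET //app/etc/local.xml HTTP/1.1", host: "example.com"
2016/04/13 03:48:17 [error] 3774#0: *4 access forbidden by rule, client: 198.51.100.7, server: example.com, request: "GET //app/etc/local.xml HTTP/1.1", host: "example.com"
2016/04/13 16:01:03 [error] 3775#0: *5 access forbidden by rule, client: 192.0.2.44, server: example.com, request: "GET /BingSiteAuth.xml HTTP/1.1", host: "example.com"
"""

# Matches only "access forbidden by rule" entries and captures date, client and URI.
LINE_RE = re.compile(
    r'^(?P<date>\d{4}/\d{2}/\d{2}) \d{2}:\d{2}:\d{2} \[error\] .*?'
    r'access forbidden by rule, client: (?P<client>[^,]+), .*?'
    r'request: "(?P<method>[A-Z]+) (?P<uri>\S+)'
)


def normalize(uri):
    """Drop the query string and collapse repeated slashes ('//app' -> '/app')."""
    return re.sub(r'/{2,}', '/', uri.split('?', 1)[0])


def config_probes(log_text, suffix='/app/etc/local.xml'):
    """Return {client: {'hits': n, 'days': [dates]}} for denied requests ending in suffix."""
    found = defaultdict(lambda: {'hits': 0, 'days': set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and normalize(m['uri']).endswith(suffix):
            found[m['client']]['hits'] += 1
            found[m['client']]['days'].add(m['date'])
    return {c: {'hits': e['hits'], 'days': sorted(e['days'])} for c, e in found.items()}


def repeat_offenders(log_text, min_days=2):
    """Clients that requested the config file on at least min_days distinct days."""
    probes = config_probes(log_text)
    return sorted(c for c, e in probes.items() if len(e['days']) >= min_days)


if __name__ == '__main__':
    for client, e in config_probes(SAMPLE_LOG).items():
        print(client, e['hits'], 'denied requests on', ', '.join(e['days']))
    print('repeat offenders:', repeat_offenders(SAMPLE_LOG))
```

Clients that show up as repeat offenders are candidates for a longer ban than a temporary one.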

Nicolas Portais
Author Photographer
http://www.mystockphoto.fr/
http://photos-art.pro/
