A big part of securing any software is applying updates and patches when they are available. We typically install updates on our client’s web applications on a schedule. However, sometimes we are not aware a patch is released until the next time we have scheduled to look for available patches. This causes a window between the time where a patch becomes available and when the patch is applied.
Yesterday, we became aware that a client’s Magento shopping cart website had a security issue. We immediately found the issue, fixed it, and applied the appropriate patches to prevent it from happening again in the future. In researching the security issue, we discovered magereport.com. This great web application scans Magento installations for security vulnerabilities then reports it’s findings along with help to fix any issues. We have now signed up to have magereport.com scan and alert us of potential issues with our client’s Magento web shopping carts. This will allow us to be more proactive in keeping our client’s Magento installations more secure.