Key rules for your Magento 2 security

Magento 2 security topics play a significant role in the success of every online business. Nowadays, this topic has become even more important due to the huge number of various hacker attacks and sensitive data leaks worldwide. It is the duty of every website manager is to make sure that the key security rules are followed and the website is well-protected. The following article describes the Magento 2 security best practices for protecting your website against cyber threats.


It’s been almost 2 months since we could touch and feel Magento 2.4.A new minor version of Magento offers a better eCommerce security layer and long-awaited B2B features aimed at improving the merchant’s customer experience. If it’s the first time you are hearing about this, you might want to take a look at our summer review of it here.

SUPEE-10266 Magento security patch

A new Magento 1 security patch SUPEE-10266 was released on September 14th of 2017. It closes the ability of an admin user remote code execution, protects from data leaks and fixes some minor issues. Let’s check the main code changes that are included in the patch.

Testing checklist after Magento upgrade

It is important to keep your online store updated to the latest Magento version, as it has the most recent improvements, security updates, and other fixes. And every time such upgrade is performed, the website should be carefully tested to make sure that all issues or conflicts are fixed after the upgrade.

Today we want to share with you our test cases after Magento upgrade that we normally use testing Magento stores.

Magento patch SUPEE-7405 v1.1

In one of our recent articles we have described Magento patch SUPEE-7405 installation and its code changes. But, as it turned out, this patch might cause some issues on the websites. And in order to reduce the number of issues Magento has released an update to the patch – SUPEE-7405 v1.1. It does not fix any security issues, meanwhile we would like to review what changes this update contains to understand its role:

Magento security patch SUPEE-6788 - installation issues

Magento has released a new security patch SUPEE-6788, and we would like to share our experience with its installation troubleshooting. We are describing this topic assuming that you’ve already checked a web store on and implemented the security recommendations like closing access to var directory, downloader, changed the URL to the admin panel to more secure etc. We will also try to avoid the discussion of the admin routes compatibility here because the patch already contains the back routes compatibility. Therefore, the main goal of this article is to make your store functioning correctly after applying the patch.