The I-Magento Just Got Bigger and Better: New Features and Major Benefits of Magento 2.0

Advantages of Magento 2.0

When Magento 2.0 was released in November 2015, the industry showed an initial reluctance towards the adoption – they were already using a very powerful eCommerce development tool in Magento. As such, the idea of migration to its newer version appeared more as a technological vogue.

The timeline enters into 2016, and encouraged by the migration success of early adopters—your Venroy, Alcatel, Scuf Gaming, etc.—the ecommerce industry endeared the practice.

Today, thousands of businesses worldwide are using the technology of Magento 2.0 to help manage and grow their eCommerce stores, after leveraging the platform to initially build one.

What accounts for this wide scale adoption?

We called in our research miners to explore the reason.

Magento 2.0 is Simply Much Faster

It has been found that Magento 2.0 runs 20 percent faster than its predecessor. Faster means, better site uploading and navigation speed, which accounts for improved online consumer experience. And, when you talk about operating a business in the digital world, the difference in performance can make a big difference.

According to Kissmetrics, a 1 second delay in page response time can result in a 7% reduction in conversions.

The team at Magento verifies the improved performance metrics declaring that the platform is able to process one hundred and thirty-five thousand more orders per hour, with the most noticeable improvements found during the uploading of catalogue pages and checkout processes.

What Makes It Faster?

The platforms default characteristic of full page cache, in addition to its ability to utilize open source distributed memory object caching system, improves the website’s pages uploading speed.  Furthermore, the platform only supports modern Javascript framework, the JQuery and Knockout JS. This further reduces the processing complexities, which previously slowed the uploading speed in the older versions.

Magento 2.0 Helps Your eCommerce Website Rank Higher on SERPs

For B2B and B2C industry players, it is very important to get themselves ranked as higher as possible on SERPs to help generate organic online traffic. It creates revenue generating opportunities.

The new Magento upgrade helps address this.

Serving as one of the key Magento 2.0 improvements, the platform comes equipped with some amazing features that allow webmasters to leverage solutions in order to get their websites ranked higher on SERPs.

What are These Features?

Magento 2 comes with default SEO features that can help your e-store rank better on Google. Some of these include:

  • The ability to design pages on well structured HTML and the feature to optimize content’s meta details and meta data.
  • The freedom to customize flat URLs as per product name and category
  • Integration of product names as alt tags for the images, present on a webpage.
  • Webmasters can execute canonical tagging of categories, which helps avoid the duplication of content, thereby lessening the incidence of thin content.

Magento 2.0 Offers a Comprehensive Ecosystem for the eCommerce Store to Operate In

The Magento development team has focused on integrating all the essential elements that make up a comprehensive ecosystem for the eCommerce store to operate in.

  • Users can establish different data sets for every catalog and content, which accounts for a detailed and customized layout.
  • It offers the flexibility to integrate CMS, CRM, checkout modules and other plug-ins and extensions for convenient operation of the eCommerce store. Plus, if you want to activate or deactivate any of the modules, you can conveniently execute the function without disrupting the code base.
  • It creates a safe and secured environment for conducting online transactions with a robust server validation system and a strengthened hashing algorithm for passwords.
  • An Elastic Search system which enables customers to find products quickly and efficiently.

With the features and benefits mentioned above, it won’t be wrong to conclude that the latest version of Magento, Magento 2.0, has the capability to help structure an eCommerce store that comes equipped with all the necessary value added elements and features, for its operation to be robust and flexible.

Magento 2.0.6 Security Update

Magento is one of the best ecommerce platforms for businesses to take their business online! The best thing about it is that the company regularly introduces security patches and takes care of the safety and security of its users.

Recently, it introduced the Magento 2.0.6 security update for the Enterprise Edition as well as the Community Edition. It includes multiple security enhancements as well as a few functional ones. If you have not downloaded the Magento 2.0 release, you must skip downloading it and go for the Magento 2.0.6 update.

Security Enhancements mean a Safer Environment for your Business

Magento has addressed several security issues with its new update. It involves the following:

  • It blocks unauthenticated users from executing PHP code on the server via REST or SOAP API. It means it has become even more difficult for hackers to cause problem to your business by running a malicious code on the server.
  • The company has made the installation code inaccessible after the completion of the initial installation process. The /app/etc directory is not left writeable after the installation which makes remote re-installation of Magento impossible. It means that no cyber-criminal can cause harm to your website.
  • Anonymous users cannot obtain private information of registered customers. The company doesn’t include the cart_id_mask value in the quote_id_mask table making it difficult for hackers to obtain information.
  • Even authenticated users cannot change customer information via SOAP or REST calls. It requires matching of the customer ID with the authentication token to ensure that neither a spiteful employee nor a malicious hacker edits customer information and causes problem to your business.
  • It has resolved a vulnerability that involved cross-site scripting (XSS) attacks in the Authorize.net payment module making the ecommerce platform a better place for its users.
  • Previously, an application error message showed the path of the file where the problem occurred.  But, now Magento doesn’t disclose sensitive information of the file because such information was used against the business by hackers.

If you are downloading Magento 2.0.6, make sure that you are first implementing it in a development environment. It will give you ample time to check whether the update works as per as your expectations. Updating Magento is simpler when you work with it on a regular basis. If you find it time-consuming, consider hiring a managed IT services provider for your day-to-day IT operations. The company will update security patches regularly as well as protect your business from unauthenticated access. Also, it will ensure data back up and proper functioning of the IT infrastructure of your business.

When you require a Magento developer for your business, trust PlatinaIT. We are a premier managed IT services provider for businesses across America. We will protect the IT infrastructure of your business like no other. Call (416) 273-7206 to discuss your IT needs today.

Why Magento better than Shopify

Why Magento is better than Shopify?

Are you looking to transform your physical store into an online one? Do you want to enter the online market and provide a new avenue for your customers to shop and buy? Giving an online presence to your brick and mortar store is now possible with a plethora of e-commerce platforms, the most common being Shopify and Magento.

Shopify and Magento Community Edition are preferred by a majority to create and manage online stores. When it comes to choosing the best platform for your online store, the competition is tough. But, you can make a decision after understanding various aspects of both the e-commerce platforms.

  • The Cost

A good business owner thinks about ROI because, at the end, it is an important factor that makes a business successful. When you are considering the cost factor, you must know that Shopify is a software-as-a-service (SASS) that you can use after paying money.  The basic Shopify plan starts at $29 per month. There is also an option called Shopify Lite that is available for only $9 per month. There are many different Shopify plans to help business owners choose one that suits them the best.

On the other hand, Magento is free-open source software. The community edition of Magento is free of cost. And, you will only have to pay for hosting your store online. The premium edition of the software, the Magento Enterprise Edition, costs $18,000 per year. If you are not well-versed with PHP, you will have to hire a Magento developer. The cost of hiring a developer varies according to your requirements.

Shopify charges you transaction fees if you do not use their payment gateway and opt for a third-party option. Usually, for the basic plan the charges are 2% of the transaction.  When it comes to Magento, the prices are set according to the payment gateway that you use and the plan you select for your business.

Templates are another important thing that can help you make the decision. While both the platforms offers a wide range of free and paid templates, Magento is a clean winner.  There are more themes in Magento and the paid ones start from as low as $1. If you consider Shopify, paid themes start from $80.

  • The Inventory

As a business owner in today’s world, you know that inventory management is a challenge.  When you are ready to take your store online, you must have one inventory database that allows you to manage different marketplaces and channels easily.

Shopify is useful for managing inventory for your brick and mortar store as well as the online store. The e-commerce platform has capabilities to help you sell on major social media platforms such as Facebook, Twitter and Pinterest. And, it also has a PoS (Point of Sale) solution for your in-store inventory management.  But, if you are planning to sell on Ebay, Amazon and other online portals, your options will reduce significantly and you will have to rely on extensions.

Magento offers real freedom of customization. You can integrate with a number of channels as well as online portals that you consider ideal for expanding your business. There are several extensions available in the market to help you customize your inventory database according to your requirement. The benefit of working with Magento is that it provides customized integrations. It is useful when you are looking to provide unique personalized offers to your customers on the basis of their purchase history. You can even consider different prices for different locations and introduce flash sales with Magento. When you want complete control over inventory management, Magento is the way to go.

  • The Marketing Factor

Got a great product? If you are unable to market it properly, it is of no use. It will not increase your profit and improve your bottom line. Marketing efficiency is extremely important for an online store. A business owner should be able to edit the content on the website and customize it according to his SEO strategy.

Shopify allows you to edit Meta tags as well as add search engine console tags. However, it not possible to make substantial changes to the online stored created with the ecommerce portal. It allows basic level changes only. And, as you are on the company’s hosting, you cannot edit all the aspects of your online store to optimize your marketing strategy.

If you think that Magento can help you in keeping your SEO strategy on track, you are right. As it is an open-solution, your options to customize the online store are limitless. You can conduct on-page optimization easily and edit the Meta tags without any trouble. You can manage the redirects, nofollow as well as canonical tags efficiently with the software making it your favorite ecommerce platform.

If you are a small mom and pop store looking to go online, you can consider Shopify because it is a rather simple ecommerce portal. Even if you do not have any knowledge about creating an online website, Shopify will make things easier for you. It is user-friendly and convenient to use, whereas you may require a Magento developer to create a fully-functional online store with the software.

Remember that Magento proves to be a bit technical in its approach but once you get accustomed with it, it will not prove to be an obstacle for you.  And, when you want to create a comprehensive online store that includes all your products, Magento should be your choice. It is ideal for large retail stores as well as home-based businesses looking to expand their market.

When you want to choose an ecommerce platform for your business, choose Magento to enjoy true customization. And, if you are going to hire an IT professional or a managed IT services provider, Magento seems to be the logical choice because of the creative freedom it offers to you.

Have you decided on an ecommerce portal to build an online store for your business? If you are worried about making the right choice, consult PlatinaIT. We are a one-stop solution for all your e-commerce website development needs.

Magento errors

Magento Common Errors and Possible solutions

Here are some of the common Magento errors and their possible solutions:
Unable to allocate memory for pool” in PHP?

SOLUTION: This is Memory related error linked to APC. To resolve this error, specify you .ini settings, specifically your apc.mmap_file_mask setting.

For file-backed mmap, it should be set to something like:

apc.mmap_file_mask=/tmp/apc.XXXXXX

 

For POSIX-compliant shared-memory-backed mmap, use:

apc.mmap_file_mask=/apc.shm.XXXXXX


While Installing Magento, you might get the following error code:

Fatal error: Maximum function nesting level of '100' reached, aborting!

SOLUTION:  To resolve this issue, you can:

Disable the xdebug extension.
Set the value of xdebug.max_nesting_level to a value of 200 or more. Then restart the Apache server and this should resolve the error.

 

Another common installation error is “Installation fails; cannot create install.log:

Review your setting for open_basedir in php.ini. The Setup Wizard uses the sys_get_temp_dir ( void ) PHP call to get the value of the temporary directory. If open_basedir is set to refuse connections to a directory specified by sys_get_temp_dir, the installation fails.

To resolve the issue, change the value of open_basedir and restart the web server.

Another installation error is fatal PDO error displays:

PHP Fatal error:  Class 'PDO' not found in /var/www/html/magento2/setup/module/Magento/Setup/src/Module/Setup/ConnectionFactory.php on line 44

SOLUTION: Check and make sure you have installed all required PHP extensions. This error usually occurs due to missing some extensions.
Magento install error There has been an error processing your request

There has been an error processing your request
Exception printing is disabled by default for security reasons.

SOLUTION: check for the “errors” folder–> Change local.xml.sample to local.xml –>Open magento/lib/Zend/Cache/Backend/File.php and look for:

protected $_options = array(
‘cache_dir’ => ‘null’,
Change it to:
protected $_options = array(
‘cache_dir’ => ‘tmp/’,
Save it and then create a tmp folder in the root Magento folder. Problem solved!
Check out our popular section for Magento common questions and answers. For complete Magento support, contact us at info (at) platinait.com

 

Magento popular questions

Magento Common Questions and Answers

Where Can I find Magento log files:

Sometimes you find that your Server storage is increasing without any major traffic or changes to the site. This can be due to swelling Magento error logs file which are used to log and record errors related to database or files.

You can find them in /var/log within your root Magento installation. The log files are usually two files by default, exception.log and system.log. if you do not see the error log, you can create these from the admin by going to System > Configuration > Developer > Log Settings > Enabled = Yes

How to create XML Sitemap in Magento?

A sitemap is an important piece of information which helps Google and other search crawl and find your web pages. Magento has an built-in function to generate an XML format sitemap containing the URLs for Category pages, Product pages and CMS pages. To create the sitemap, simply go to Catalog > Google Sitemap and add a new sitemap. You can also use third part extensions for better sitemaps such XML Google Sitemap from Amasty or Creare HTML Sitemap

How do I remove index.php from Magento?

If you website is displaying the address in the browser as www.example.com/index.php, you need to get rid of index.php  and it should only display www.example.com as Google treats this as 2 separate pages which same content.  You can write a code in the .htaccess file to fix this problem.

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

How can I change the Magento Admin password?

If you simply want to change your admin password, do the following:

Login to the Magento admin, go to System > My account and change the password:

If you forgot your admin password, you can simply recover it using forgot the password option. For advanced users, go to phpMyAdmin via cPanel, click on the Database for your site, Click on the SQL tab and type the following in to the text box:

UPDATE `admin_user` SET `password` = MD5('PASSWORD') WHERE `username` = 'USERNAME';

Here usename is the user for whom you will be changing the password and Password field is the new password.

For complete support on Magento, contact our team. We are an experienced team of Magento developers in Canada and have developed hundreds of Effective e-Commerce solutions for all business needs.

 

Cache Management Magento Admin

Magento Cache Management

 

Magento 1.x and Magento 2.0 are fully baked e-commerce platforms and despite having some many built-in functions, the platform renders amazing speed and performance for any shopping cart website. The Magento Cache management plays a very important role in improving the performance of your website and it is very critical that the cache management is ideally utilized.

Magento uses by default the two level cache. Each cache backend has it’s own roles and functions. APC and Memcached are key/value cache backends, they don’t support tagging (grouping of cache entries). File system and Redis has tagging support. By default, Magento stores it’s cache entries in the file system, you find the cache in var/cache/. so whenever a cache needs to be refreshed, a notice will appear at the top of the Magento admin to flush the cache. Follow the link to Cache Management, and refresh the invalid caches.

In the Magento admin, you see two options:

  • Flush Magento Cache
  • Flush Cache Storage

In some events, the services such as Memcache is shared with other applications using a common location like “/tmp/”.  It removes all items in the default Magento cache (var/cache) and the var/full_page cache that have a Magento tag. Flush Magento Cache on the other hand will basically removes only those entries that Magento reliably tracks as it’s own. “Flush Cache Storage” meanwhile clears everything including one that are shared with others as well.

  • To Flush the cache, follow the steps:
  • Login to Magento backend
  • Go to System and under Tools, click on Cache Management

You can use Flush Cache Storage and Flush Magento Cache option depending upon the requirement.

For more information and Magento Support, please contact our sales team.

 

 

How to Set up Magento Cron job

Cron job is basically a scheduler that enables unix users to execute commands at a given time. The cron job is automated process which runs as per the commands generated.  In Magento, a cron job is very handy and can used for multiple roles such as updating your suppliers cvs on daily basis or downloading the products or sales into your ERP or even small functions as sitemap generation, sending scheduled emails or updates etc.

You can set up Crons job via multiple platforms including:

  • cron job via cPanel
  • via Commands
  • Magento cron task via SSH

cron job via cPanel

Via cPanel, setting cron job is easy. .Go to Cronjob Manager inside the control panel. Make sure no other cronjob has been set up calling the cron.php file of Magento, and if that’s the case, remove it before adding this cronjob. Add a cronjob with the following parameters:
Minute: */5
This means the cronjob will be run every 5 minutes. It is very important that the cron.php file of Magento gets executed every five minutes. Do not change this to a longer interval.
Hour: *
Day: *
Month: *
Weekday: *
Command: wget -O /dev/null -q http://www.YOURDOMAIN.com/PATH_TO_MAGENTO/cron.php > /dev/null

Press Add New Cron Job to finish your configuration.

Magento cron task via SSH

Log in to the server via SSH. Run crontab -e command to add a cron task. At this point you will see a text editor, where you can add or edit cron tasks. Starting from a new line, add the following record:

1
*/5 * * * * sh /path/to/your/magento/site/root/cron.sh

Again, don’t forget to insert your own default folder path!

Save the changes and close the file. If you did everything correctly, crontab -l command will show you the newly created task.

For more information and all your Magento Development needs, please contact Platina IT.

Magento 2

Why Magento is a better eCommerce Platform

eCommerce is a type of business model that aloows businesses to be conducted over the internet using applications that rеԛuіrе оnе tо have іntеrnеt соnnесtіоn. And thе fасt thаt thеу аrе аvаіlаblе 24/7, and аrе аvаіlаblе to mаnу реорlе all over the wоrld, makes thеm vеrу еffісіеnt, аdvаntаgеоuѕ аnd popular. Thе bеѕt раrt оf eCommerce ѕіtеѕ іѕ thаt уоu dо nоt hаvе tо visit thе stores physically аѕ thеу аllоw уоu tо vіеw all the products аnd ѕеrvісеѕ аѕ well as the price at which they аrе rеtаіlіng аt. And with thе dеvеlорmеnt оf smartphones and tаblеtѕ, you саn nоw ѕhор аnуwhеrе, anytime at your own соnvеnіеnсе. Thеrе are very mаnу eCommerce рlаtfоrmѕ thаt аrе аvаіlаblе. However, Mаgеntо hаѕ over the уеаrѕ continued to grow іn рорulаrіtу аnd uѕе аѕ opposed to all the other platforms thаt are available. Many buѕіnеѕѕеѕ аrе сurrеntlу moving tо Mаgеntо commerce gіvеn іtѕ роwеrful funсtіоnаlіtіеѕ that аrе іnbuіlt аnd the rісh fеаturеѕ thаt іt роѕѕеѕѕ. Lеt uѕ hаvе a lооk аt ѕоmе оf thе rеаѕоnѕ аѕ to whу уоu should choose Mаgеntо аѕ your еCоmmеrсе рlаtfоrm?

For ѕtаrtеrѕ, it is an open ѕоurсе рlаtfоrm. Aѕ ѕuсh, mаnу реорlе саn dоwnlоаd іt for frее ѕаvіng them hundrеdѕ оf dollars. In addition tо thіѕ, іf уоu аrе a developer, you саn add some twеаkѕ to the source code so as tо аdd ѕоmе functionalities bу аddіng plugins and аdd-оnѕ ѕо that іt can fіt the rеԛuіrеmеntѕ оf уоur business. It аlѕо proves very еаѕу to mаnаgе. Wіth Mаgеntо, оnе саn ореrаtе and mаnаgе more thаn оnе оnlіnе ѕtоrе on a ѕіnglе аdmіn panel. All thе database реrtаіnіng tо thе ѕаlеѕ аnd оrdеrѕ of the сuѕtоmеrѕ mаdе online саn all bе managed frоm a ѕіnglе dаtаbаѕе. This saves on a lоt оf tіmе. In addition, it hаѕ fеаturеѕ thаt include іntеrnаtіоnаl support, product browsing, multі-сurrеnсу ѕuрроrt, multi-language, оrdеr management аѕ well аѕ ѕhірріng.

Magento іѕ аlѕо a very scalable рlаtfоrm thаt іѕ able tо fіt tо thе nееdѕ оf dіffеrеnt buѕіnеѕѕеѕ. If you hаvе a small buѕіnеѕѕ, оr run a large еntеrрrіѕе, уоu саn customize it to аdарt tо thе small business оr even mаtсh up tо thе ѕорhіѕtісаtеd аnd соmрlісаtеd rеԛuіrеmеntѕ of уоur lаrgе buѕіnеѕѕ. It is hіghlу flеxіblе аnd scalable аnd business оwnеrѕ саn mold it into being whаtеvеr they wаnt, provided thаt thеу work with a team of experienced Magento developers that are еxреrtѕ оn working wіth thе Mаgеntо рlаtfоrm. Magento іѕ also uѕеr friendly. It enables a vеrу ѕіmрlе display of the products in thе stores. Mаnу сlіеntѕ tеnd tо mаkе a рurсhаѕе frоm a ѕіtе that thеу саn navigate thrоugh еаѕіlу and оnе that thеу can vіеw рrоduсtѕ сlеаrlу on. Given this, рrоvіdіng thе customer wіth a grеаt еxреrіеnсе іѕ key if they are tо mаkе a рurсhаѕе оr еvеn visit thе ѕіtе аgаіn аnd аgаіn. Magento рrоvіdеѕ functionalities that allow to zооm in оn thе рrоduсtѕ, ѕuрроrtѕ multiple images as well аѕ рrоduсt rеvіеwѕ.

Hаvіng a lot оf trаffіс соmіng thrоugh to your оnlіnе ѕhор ѕіtе іѕ vіtаl if уоu аrе tо mаkе any sales аnd іf уоu are going tо gеt аnу rеturnѕ frоm thе іnvеѕtmеnt mаdе. Fоr thіѕ, many turn tо SEO tо build lіnkѕ, орtіmіzе keywords ѕо that thеу can рор up on the fіrѕt раgеѕ of ѕеаrсh engines. Wіth Mаgеntо, уоu dо not need to wоrrу about having lоw traffic to your ѕіtе аѕ SEO оf mаnу search еngіnеѕ tеnd tо fаvоr Mаgеntо eCommerce ѕіtеѕ as they hаvе vеrу сlеаn tаgѕ, URLѕ, keywords аnd dеѕсrірtіоnѕ. Thіѕ helps іn ѕkуrосkеtіng the ѕаlеѕ аnd thе revenue оbtаіnеd. In аddіtіоn, іt hаѕ extremely powerful tооlѕ ѕuсh as cross-sells and up-sells which еnсоurаgе thе customers tо make more рurсhаѕеѕ. In аddіtіоn to thе аbоvе, Mаgеntо аlѕо ѕuрроrt mоbіlе соmmеrсе. Thе HTML 5 сараbіlіtіеѕ are bеіng іnсоrроrаtеd іntо thе Mаgеntо рlаtfоrmѕ. With this fеаturеѕ bеіng incorporated, owners of оnlіnе ѕtоrеѕ can provide thеіr сuѕtоmеrѕ with a grеаt mobile ѕhорріng experience асrоѕѕ mаnу wеb browsers аѕ wеll аѕ dеvісеѕ, еvеn thоѕе that dо nоt ѕuрроrt flash. Onlіnе ѕtоrеѕ thаt have been made frоm Mаgеntо рlаtfоrmѕ hаvе fеаturеѕ ѕuсh аѕ image ѕсаlіng, gеѕturе bаѕеd соntrоlѕ, аѕ wеll аѕ іnbuіlt video аnd аudіо сараbіlіtіеѕ. Thіѕ іѕ a vеrу іmроrtаnt bеnеfіt аѕ many реорlе all оvеr the wоrld оwn ѕmаrtрhоnеѕ, tаblеtѕ or еvеn іPаdѕ. Thіѕ hеlрѕ іnсrеаѕе thе number оf реорlе visiting your site аnу оnе particular mоmеnt.

Wіth Mаgеntо, уоu wіll hаvе an online ѕtоrе that is аlrеаdу associated with Gооglе bаѕе, Google Checkout and Google analytics. These Rероrtіng ad analytics tооls help you to bе аblе tо trасk thе number of vіѕіtоrѕ thаt уоu gеt. These hеlр уоu tо better mаnаgе your ѕіtе аnd knоw whеrе tо mаkе changes and improve on. In аddіtіоn, оnе of thе factors thаt mаkеѕ Mаgеntо vеrу рорulаr іѕ thе fact that іt provides you with a ѕесurе payments орtіоnѕ аѕ well аѕ аn оvеrаll ѕесurіtу. The іmрlеmеntаtіоn оf a dedicated IP аnd SSL security іѕ vеrу easy wіth Mаgеntо. Thіѕ wіll рrоvіdе the сuѕtоmеrѕ whо аrе buying frоm Mаgеntо fееl mоrе ѕесurе аnd соnfіdеnt whеn making a рurсhаѕе. Thіѕ wіll mоѕt dеfіnіtеlу іnсrеаѕе thе numbеr оf sales thаt you get еасh аnd еvеrу dау оr еvеn monthly. In аddіtіоn, unlіkе mаnу рlаtfоrmѕ, it provides many options fоr making payments rаngіng frоm Authorize.net, tо Gооglе to PayPal. In addition, thе сuѕtоmеrѕ саn аlѕо mаkе рауmеntѕ thrоugh mоnеу оrdеr, checks as wеll as credit cards, purchase order аnd mаnу other аvеnuеѕ. Wіth such options and flеxіbіlіtу, уоur ѕіtе is bound to gеt many sales. Thе above аrе juѕt some оf thе benefits thаt Mаgеntо hаѕ tо оffеr аnd that hаѕ made it grow ѕо muсh оvеr thе раѕt few years. With Mаgеntо, you trulу hаvе nо limit as tо thе functionalities thаt you саn hаvе. Prоvіdеd уоu know hоw tо mаkе thе сhаngеѕ аnd аddіtіоnѕ, уоur wіѕh іѕ Magento`s eCommerce platform command. Hоwеvеr, іf уоu аrе looking to get a Mаgеntо рlаtfоrm that аlrеаdу hаѕ аll thе functionalities thаt уоu wand аddеd іn, уоu wіll be рlеаѕеd tо lеаrn thаt thеrе іѕ an еntеrрrіѕе vеrѕіоn оf іt.

Magento malware alert

Magento Alert – New Malware

Magento has alerted everyone about the new malware that appears to capture information from all fields of the checkout process, including credit card information. The attacks can either originate from the user admin login or through the database. These malware are typically contained in the following places:

Admin->Configuration->General->Design->HTML Head->Miscellaneous Scripts, or

Admin->Configuration->General->Design->Footer-> Miscellaneous HTML

For more information about this Malware, please refer to Magento Blog. Magento had released a services of security patches last year which is very unprecedented but the eCommerce giant is now trying to make the software secure and healthy.

Is my site infected?

To check if you are facing this malware attack or are susceptible to this malware attack, please run a scan on MAGEREPORT.COM to determine if you are at risk for a “Credit Card Hijack” and check to see if you have any unknown Admin accounts. If your website is compromised or hacked or more information on Magento Malware Removal, contact us.

Magento-SUPEE-7405

New Magento Security Patches SUPEE-7405

Magento released a new pack of Security updates called SUPEE-7405 that resolves several security-related issues. The can be considered as a mega updates addressing 20 know security issues in Magento. The issues ranges from brute-force attack to captcha vulnerability to payment gateway fix. We highly recommend all Magento users to patch up their website with the latest security updates at the earliest to avoid being attacked or compromised. here is a list of security updates. For more information, you can visit Magento Security blog.

  • Stored XSS via email address – APPSEC-1213
  • Stored XSS in Order Comments – APPSEC-1239
  • Stored XSS in Order – APPSEC-1260
  • Guest order view protection code vulnerable to brute-force attack – APPSEC-1270
  • Information Disclosure in RSS feed – APPSEC-1171
  • CSRF token not validated on backend login page – APPSEC-1206
  • Malicious files can be upload via backend – APPSEC-1306
  • CSRF leading to execution of admin actions after login – APPSEC-1179
  • Excel Formula Injection via CSV/XML export – APPSEC-1110
  • XSS in Product Custom Options – APPSEC-1267
  • Editing or Deleting Reviews without permission – APPSEC-1268
  • Disruption of email delivery – APPSEC-1177
  • CAPTCHA Bypass – APPSEC-1283
  • Admin path disclosure via Authorize.net – APPSEC-1208
  • XSS Payload in website’s translation table – APPSEC-1214
  • CSRF Delete Items from Cart – APPSEC-1212
  • XSS via custom options – APPSEC-1276
  • Risky serialized string filtering – APPSEC-1204
  • Reflected XSS in backend coupon entry – APPSEC-1305
  • Injected code can be stored in database – APPSEC-1240