SECURITY

Magento | Google ReCAPTCHA V3

Verifying Customers’ Identities

/in /by

The goal of great digital commerce is to make the customer journey as simple and easy as possible from the time the customer enters your site to the moment a customer purchases your products.

Rather than having multiple points of verification, Adobe Commerce merchants are encouraged to implement configurations that allow a single validation for the whole shopping session. This creates a better customer experience where the focus is on purchasing your products.

Our recommendation is to enable Google ReCAPTCHA, this is a free tool available to all Adobe Commerce merchants. Due to the ease of use and advanced security, our recommendation is to enable Google ReCAPTCHA in your checkout process. This is the best way to impede “carding” attacks and other brute force attacks during checkout.

We’ve all tried to log into a website only to be challenged to click all the boxes containing traffic lights or storefronts or bridges in a frantic attempt to persuade the computer that we’re not a bot. Last fall, Google launched version 3 of the tool, an “invisible” version of ReCAPTCHA, with the goal of eliminating the annoying customer experience. Google ReCAPTCHA V3, is invisible to your customers, they won’t see the “I’m not a robot” checkbox, nor will they have to prove they can identify a traffic light. Behind the scenes, ReCAPTCHA is still conducting a risk assessment of that customer based on their activity and behavior on your site and as a result, preventing “carding” attacks and malicious actors access.

Google ReCAPTCHA V3 | Magento

If you are not using Google ReCAPTCHA V3, it is possible that you are seeing a higher rate of cart abandonment than you would with “invisible” ReCAPTCHA V3. Google ReCAPTCHA V3 is available in Adobe Commerce 2.4 (also known as Magento).

Recommended forms where you can enable Google ReCAPTCHA include:

• Admin Login
• User Login
• Create Account
• Newsletter Sign up
• Forgot/Reset Password
• Checkout

If you have any questions, you can contact us via the options on the Crimson Agility contact page.

Interested in learning more about “Adobe Commerce Security Best Practices” or for a Security Assessment contact us today.

Magento 1 End-Of-Life

The Impact of the Magento 1 End-Of-Life on PCI Compliance

/in , , /by

What it means to be PCI Compliant and why it is important.

PCI Compliance is an essential component of any credit card companies security protocol. Being PCI compliant means consistently adhering to a set of guidelines set forth by the PCI Standards Council, an organization formed in 2006 for the purpose of managing the security of credit cards for online and offline transactions.

All companies that process credit card information are required to maintain PCI compliance as directed by their card processing agreements. PCI compliance is an industry-standard and requirement. Businesses that do not adhere to these standards can be held accountable for agreement violations and negligence.

Magento 1 EOL and the impact to PCI Compliance

As of June 30, 2020, Magento is ending support for all versions of its Magento 1 e-commerce platform. This means that Magento/Adobe will no longer be providing bug fixes, upgrades, and most importantly security patches. It is assumed that without Magento/Adobe’s oversight of Magento 1’s security, that no one will be monitoring or detecting any future vulnerabilities.  Actually, malicious characters will continue to look for vulnerabilities and exploits to attack.  The versions of Magento 1 that are impacted include Magento Commerce 1 (formerly known as Enterprise Edition) and Magento Open Source 1 (formerly known as Community Edition).

PCI Non-ComplianceGlobal PCI DSS standards require each entity to “develop and maintain secure systems and applications by installing applicable vendor-supplied security patches.” If you continue to use Magento 1 after June 30, 2020, your Magento instance is at risk for being out of compliance with Payment Card Industry Data Security Standards (PCI DSS). Your payment processors and merchant banks may view your Magento instance as no longer being secure and consequently non-compliant. Here are a few announcements from major payment processors related to Magento 1 end-of-life and PCI compliance. 

PayPal is indicating that you have one month after June 30, 2020 to get PCI Compliant.  They also indicate that all payment processors have the same obligations and requirements under PCI DSS.

What are your options?

Magento 1 merchants must take immediate action and should be actively planning and pursuing migration to Magento 2 or a modern actively-maintained e-commerce platform. Simply put, the risk and opportunity cost of maintaining a Magento 1 instance will increase over time the technology becomes more obsolete, and nefarious characters look for opportunities to exploit Magento 1.

  • Migrate to the Magento 2 Platform or migrate to another vendor-supported platform as soon as possible.  
  • PayPal and Crimson Agility are partnering to provide loans to help small businesses to help with the migration costs of migrating to Magento 2.
  • Companies like Webscale Networks and Nexcess also offer a safe harbor hosting for your Magento 1 sites if you are unable to migrate off of Magento 1 before the end-of-life.  This is a short-term solution, but Crimson Agility can help you understand these options and migrate to these experienced Magento hosting partners.  These options are short-term solutions and it is unlikely they address PCI compliance concerns fully.

We can help! 

Crimson Agility’s MAGENTO RAPID DEPLOYMENT PACKAGES are fixed-cost implementation solutions. Our packages are great for small to large businesses wanting to move to Magento Commerce® or Magento Cloud Edition®. Crimson Agility’s MAGENTO EXPRESS PACKAGES are available for merchants migrating from Magento 1 or any other e-commerce platform.

At Crimson Agility, we value trust, accountability, best practices, being responsive, and high-quality work. Our ability to provide rapid high-quality implementations of Magento 2 is grounded in our experience, methodology, commit to training, and by our US-based staff of certified Magento professionals.

We are ready to provide a free estimate to upgrade your site

e-commerce security

E-Commerce Security – Protecting Against E-mail Fraud

/in , /by

E-Mail fraud and e-commerce security is a genuine threat that we all face daily. These messages, sometimes referred to as “phishing” or “spoofing,” are becoming more prevalent and may appear legitimate by incorporating company logos, colors, or other legal disclaimers into them. As an online merchant, your customers are an extremely vulnerable group. It is essential to protect your customers and have an online presence that is credible, professional and secure.

Here are some security tips for online merchants.

  • Never request any customers’ personal or banking information via e-mail.
  • Include your customer service phone number in the header of your site – this is both comforting to your customers and provides a mechanism for them to report suspected fraud.
  • Ensure your e-mails have a consistent style and layout that is professional and that your customers recognize.
  • Display the full URL of links in your e-mails – this allows your customer to see that the URL is to your site.
  • Follow e-commerce security best practices as it relates to account creation and passwords. (See Magento Password Options)
  • Take appropriate steps to secure your site from site-spoofing and URL-spoofing that include monitoring and countermeasures.
  • Use authenticated e-mail servers.  These include DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework), often in conjunction with DMARC (Domain-based Message Authentication, Reporting, and Conformance).

Learn more about how to avoid phishing scams in this article from the U.S. Federal Trade Commission:

https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams

Crimson Agility is an e-commerce and Magento expert with a focus on security and preventive measures for online merchants. Ask us about our Magento Security Audit for your Magento 1 or Magento 2 site before its too late. An ounce of prevention is worth a pound of cure. A little precaution and planning before a security crisis occurs are preferable to reacting to the fallout of a disaster.

For more help and information on e-commerce security, contact us at Crimson Agility.

Graduate from Magento 1 Open Source to Magento Commerce 2.3.3

/0 Comments/in , , , /by

Now is the time to graduate from Magento 1 Open Source to Magento Commerce 2.3.3. “But why? Open Source is free”. Believe me, we hear this all the time. Our Crimson Agility clients are no different and usually ask why they should build their site using Magento Commerce when Magento Open Source is free? We agree that Open Source is a great option. However, in the long run it is not the most cost-effective. Magento Commerce has additional features, the cloud infrastructure, and performance enhancements that are invaluable. With the Magento 1 end of life right around the corner (June 2020), now is the time to turn that tassel and graduate to Magento Commerce 2.

Let’s take a moment and look at the smaller picture here: not migrating from Magento 1.X to the most recent version of Magento 2. If you postpone the decision to make the leap to Magento 2, you are risking your business, reputation, customers data, and privacy not to mention their payment details.  Once Magento 1 is retired, your site becomes a target for those with nefarious intent. According to Magento, 83% of hacked sites were un-patched sites. When Magento 1 is retired, there will be no more patches available. It is like comparing the migration to not taking an Uber and risking the fines and life destruction from driving home from graduation only after a couple drinks. Yes, it can be that destructive.

When Magento 2 was released in 2015, it was not just a simple version upgrade. The new Magento 2 platform is a new improved platform built on state-of-the-art architecture. An outstanding 240,000 sites still utilize Magento 1 today. Mostly because of either the cost of migrating or procrastination. These store owners have also chosen in the past to stay on the comfortable older release to avoid breakage or revenue impacting downtime. But today, more and more educated store owners are realizing the benefits of investing in Magento Commerce 2 and are seeing the results of their investments. Here at Crimson Agility our 21 USA based certified developers have helped nearly 20 sites migrate while limiting downtime and not impacting revenue. Our customers are bringing in the new year stress free and will continue to grow their business safely.

What is New in Magento Commerce 2.3.3?

The new features in Magento Commerce 2.3.3 are amazing. There is so much to list but we encourage you to view Adobe’s Magento Commerce 2.3.3 Release Notes and read through all of the greatness for yourself. Below we have outlined some key points of Magento Commerce 2.3.3 enhancements announced November 7, 2019:

  • Over 100 security fixes reducing backend log significantly
    • Support for PSD2 compliance support
    • Supports PHP 7.3 (7.1 end of life is November 30, 2019)
  • Google Shopping Ads Channel is now part of the core code – cut ad spend by 50%!
  • Amazon Sales Channel in now part of core code
  • Progressive Web Application (PWA) Studio – fast page performance and increase SEO and conversion rates
  • Cloud enhancements
  • Product recommendations powered by Adobe Sensei
  • Superior Experiences – Deliver best-in-class B2B and B2C shopping experiences that accelerate sales
  • Omnichannel innovations – sell everywhere, deliver anywhere managing products, inventory, orders and fulfillments
  • Commerce Intelligence – enable intelligent experiences, uncover insights, and employ better measurement

How Can Crimson Agility Help you?

We have migration options! We offer three MAGENTO QUICK START PACKAGES that are fixed-cost implementation solutions. Our packages offer great price points whether you are a small business or large enterprise wanting to move to Magento Commerce. Making the move doesn’t have to be hard and will result in improved security & performance, seamless shopping everywhere with PWA, increased conversion rates, more streamlined operations, and a better overall end-user experience.

Contact us today and learn more, we are here to help and love what we do.

Update: Our own David Baier emphasized the importance of having trusted partners to ensure your site remains secure, reliable, and high performance in a Webscale article.

“As Magento 1 end-of-life quickly approaches, it is essential for merchants on Magento 1 to plan accordingly for both the short-term and long-term. Though Magento 1 will continue to function after June 2020, it becomes increasingly susceptible to becoming a target to nefarious actors with bad intentions. More than ever, it is vital for merchants to have trusted partners that can secure their site, preserve their reputation, and protect their customers.”

About Crimson Agility: We are a full service Magento services firm with an in-depth knowledge of the Magento platform and e-Commerce, a broad set of design, development, integration and marketing skills, as well as years of industry experience and successful implementations.

Until next time, let’s get social!  Like us on Facebookfollow us on TwitterInstagram and on LinkedIn.

header image for blog post

Why Use Two-Factor Authentication?

/0 Comments/in , , , /by

Why Use Two-Factor Authentication?

Using the web can be rewarding, but with those rewards come some risks. We’re all connected on the internet, and with that connectivity we are at risk from malicious actions and attempts to gain access to our sensitive information. In E-Commerce we apply best practices to protect companies and individual buyers from these potential security risks. Magento Two-Factor Authentication (TFA) allows for all users to secure their information from cyber attacks.  This authentication method works by attaching specific accounts to a users personal device which adds an additional layer of confirmation for the online service, and peace of mind for the individual logging in. Protecting users from fraud protection is only one of the benefits to using this method. It also provides a way for technology novices and experts to better safeguard their account information. Here are some of the best Magento extensions and tips that can protect your website and your customers from potential attacks.

Improved Security

Strong passwords are a great place to start, but hackers still have methods to crack even the most creative of passwords. Two-Factor Authentication adds a physical action to logging in by incorporating a device, such as a smartphone, tablet, or token. A one time code is generated and delivered to the user in the form of an SMS or automated call that cannot be hacked. 

Lower Customer Service Cost

Using a Two-Factor Authentication can help curb the cost of customer service issues. Auth0 states from an HDI study that 35-40% of service calls are related to password resets. By implementing TFA you can effectively eliminate password reset calls from getting to customer service. TFA can save the company money and resources by reducing low tier issue calls and keeping customer service focused on other, more important, issues.

Reduce Online Fraud

There have been a recent slew of data breaches recently. Large companies like  Facebook, Yahoo, and Target have suffered from successful cyber attacks exposing hundreds of millions of customers personal information.  It becomes apparent that data breaches could happen to any company. This is why companies like Gmail, Apple Pay, PayPal, Evernote, Dropbox, and LinkedIn have moved to Two-Factor Authentication. It prevents sensitive information from falling into the wrong hands. However, the protection of data can be left in the right hands, every company should be proactive and take it upon themselves to protect their customers from potential threats online.

How to Better Protect Your Users?

You can start taking action by using Magento Two-Factor Authentication extensions on your E-Commerce store. Some extensions that are already in use: Google Authenticator, U2F Devices, Duo Security, and Authy. Become proactive and don’t wait to react to cyber threats. Empower yourself and your customers to bring cyber security into the physical world by using TFA.

Security and staying updated is essential for any eCommerce experience. Let us here at Crimson Agility handle your Magento and eCommerce questions. Contact Crimson Agility today to see what would work for your security needs.

Until next time, let’s get social!  Like us on Facebookfollow us on TwitterInstagram and on Linked In.

Thanks for stopping by!

Crimson Agility Team

Why You Should Upgrade to Magento 2.3

/0 Comments/in , , , , , /by

Magento has announced that as of January 2020, Magento 2.2 will no longer be supported. This means new versions will no longer be released for any Magento 2.2 instance, whether it’s security updates or bug fixes. With this news, you should be looking to upgrade to Magento 2.3 in the near future. In this post, I will explain the major differences between 2.2 and 2.3, and why you should be upgrading. There are many minor bug fixes and security updates that have happened in the changelogs for 2.3, but I will be mainly focused on the major changes: new functionality and major security improvements.

Magento Open Source

Magento Open Source 2.3 comes with quite a few new features, such as Multi Source Inventory, PWI, declarative schema, GraphQL, and many others. In this section we will go in-depth for each one.

Multi-Source Inventory

Multi Source Inventory (MSI) allows merchants to have multiple different warehouses, brick and mortar stores, or distribution centers, and ship from each one depending on which location has the product ordered in stock and even which warehouse is closest to the shipping address on the order. This can help decrease not only shipping times, but also shipping costs.

PWA Studio

Progressive Web Apps (PWA) Studio allows for developers to create a much more intuitive mobile application and can increase performance on mobile devices immensely. In 2018, over 52% of all web traffic came from mobile devices, so having a performative, intuitive, and attractive mobile website is vital in today’s day and age.

GraphQL

This is more of a developer’s tool, however it’s incredibly useful. This allows much quicker and easier manipulation of databases. When used correctly, it can send and receive database information much more efficiently than the standard MySQL system that Magento 2.2 uses 

Declarative Schema

This is another developer tool but is also really helpful for Magento when releasing new security patches. Declarative schema allows developers to declare how they want the database to be structured without having to maintain an upgrade or install script in the module. This means that Magento can make database schema changes in patches, which wasn’t previously possible. 

Magento Commerce

Magento Commerce has all of the Magento Open Source changes, along with a few extras. In this section we will go over a few of the improvements that aren’t included in the Magento Open Source Version.

Page Builder

One of the most impressive improvements in Magento 2.3 thus far is the page builder. This has vastly improved the CMS content development and makes it extremely easy for merchants to set up their static content without the need of a developer.

CMS Improvements

In situations where you use the WYSIWYG editor but the page builder isn’t available, the WYSIWYG editor has also had some great improvements. If you’ve used the Magento 2.2 WYSIWYG editor, you have probably noticed a plethora of icons, many of which are hard to understand. In 2.3 they streamlined the WYSIWYG editor to look much more simplistic and easier to understand.

 

There’s a multitude of reasons to upgrade to Magento 2.3. Due to a SQL injection vulnerability found in 2.3.0, we highly recommend skipping 2.3.0 and upgrading straight to 2.3.1. If you are already on 2.3.0 and haven’t applied the patch to fix the vulnerability or upgraded to 2.3.1, upgrade immediately. For those of you currently on 2.2, due to Magento dropping support of 2.2 as of January 2020, it’s best to upgrade soon. We can help you upgrade to 2.3.1 as well! Just contact us here so we can get started. 

Have you heard about our new webinar happening on June 20th? We are going to be discussing about B2B commerce and using Magento 2.3 It will begin at 9:00 AM

Until next time, let’s get social!  Like us on Facebookfollow us on TwitterInstagram and on Linked In.

Thanks for stopping by!

Crimson Agility Team

Magento Authorize.net Direct Post End-Of-Life Demystified

/0 Comments/in , /by

Authorize.Net alerted customers recently that it was phasing out MD5 based hashes. These are used for transaction response verification from Magento’s Direct Post payment method. Magento has announced a patch to address this issue. The first step is currently in effect, merchants are no longer able to configure or update their MD5 Hash settings in the Merchant Interface. On June 28, 2019, Authorize.Net will stop populating the MD5 Hash Value altogether. This will in effect make it impossible to process payments for merchants who use Authorize.Net Direct Post method in Magento.

For all Magento versions prior to Magento 2.3.1 (including Magento 1.9 and 1.14 and below) Authorize.net Direct Post was a native payment application within Magento’s platform. This payment method will no longer be valid after June 28, 2019. This could result in lost revenue and downtime for merchants.

In order to continue processing these payments, Magento has provided a solution in the form of patches which can be applied for both Magento 1.X and Magento 2.X.  These patches for Magento must be applied within the code base and deployed to the merchant’s production server before June 28th to ensure continuity of service. Additionally, the merchant must generate a signature key within their authorize.net portal, and insert this into the admin configuration.

If any of this sounds technical, its because it is. The patch provided requires updating your Magento code. After the patch is applied, it is important to verify that any customizations dependent on the Authorize.net module are not impacted by the patch and appropriate configurations within the payment portal are properly tested.

Crimson Agility is well-versed in this process and has already completed the necessary changes for all their clients. If you are concerned your site might be at risk, please contact us for Magento Support through our contact form or call us directly for assistance.

For more information on this issue see the following:

Why are Poor Search Results Killing your Sales?

/0 Comments/in /by

What is the first thing you do when you are online shopping or looking for a particular product?  If you are like 60% of consumers, you start your research on a search engine before heading to a specific website. On average, those same consumers visit at least 3 online stores before making their purchase. That means that by the time consumers come to your site, they have already done their research and they are ready to make the purchase.  At this point, it becomes increasingly important for the consumer to find what they are looking for, at the right price, with low/no shipping costs, and within an environment they can trust. All of these factors contribute to the success of your business, however, searchability is becoming increasingly important if you are to secure a sale. After all, customers can’t buy what they can’t find. So if you haven’t already thought about it, it is time to look under the hood and find out just how good your site search is. Here are some things to consider:

Time is of the essence

On average, 30% of the visitors on your site will use the search box. Once they arrive at your site, they are in “buying mode”. They have completed their research and all they need is a final view at the product details such as the price, availability, and delivery costs.  You can help customers find what they’re looking for by offering a user-friendly site search experience. Make sure that the search box is visible and results are fast. It is all about encouraging them to make that purchase.

50% higher conversion rate

A user-friendly site search experiences can lead to conversion rates up to 50% higher than the average. When searching for a product, the expected result is a direct link to the product’s detail page. Good search results can yield higher sales because customers who find what they are looking for easily are more likely to buy it on the spot. Customers who can’t find the information they’re looking for leave your site within minutes, only to make a purchase at someone else’s site that can yield the expected results.

Offer Suggestions

Offering related products as part of a search result can encourage visitors to view more products. About one fourth of site visitors will click on a search suggestion. These suggestions can be cross-sell or up-sell items that complement the product they searched for. If several models or options are available they can also be displayed as suggestions.

Allow flexibility of display results

Allow for results to be displayed in grid or list views. Consumers enjoy having the flexibility to decide in how results are displayed. Having these options can improve their experience on your site and potentially increase the chances of customer retention and loyalty.

Auto-complete can boost conversion rates

Using an auto-complete tool that begins to search as the customer is typing, offers a number of advantages: it speeds up the search process for users, it helps to avoid misspellings, and it can also ensure searches return a product result. If it is well implemented, auto-complete can save customers a lot of effort, in addition to speeding up the search process. More intuitive search and navigation means higher conversion rates.

Zero results page

If customers have searched for a product that you don’t stock, it doesn’t have to end with a ‘no results found’ page. You can provide a list of alternate products that may be related to the searched item. In addition, zero results pages can be a valuable source of information for you as an online retailer. Use the zero results page to discover new trends and then stock what is needed. Keep an eye on your site’s keyword search results. Tracking this data can inform you of products customers are looking for that you don’t currently stock.

Too many search results

Another definition of a poor  search result is returning hundreds or even thousands of results. Too many results coupled with poor filtered navigation options is detrimental to your sales. Any decent site search tool will cater for synonyms, such as with synonym lists. By mining older search data to understand the specific terms the audience are using to find products, adjustments can be made to drive better results.

With that said, how can you improve searchability on your site?

If your store is built on Magento 2.x Enterprise Edition, you get ElasticSearch for searching your catalog. ElasticSearch performs quick and advanced searches on products in the catalog, supports multiple languages, supports synonyms, and returns results based on the last generated index. ElasticSearch is accurate and scalable and it allows you to customize reuslts by tracking terms that consumers type into the search box to direct customers toward a particular product or result. By improving the site search results, you can directly impact the experience for users and increase conversions.

Even with all of the features mentioned above, the native Magento search functionality can be lacking. To bridge the gap, we recommend to our clients that they invest in a third party search solution. We recommend using Klevu, which is a market-leading search solution that uses natural langauge processing (NLP) and machine learning to provide more accurate results and allows for far more complex merchandising. Klevu is a very robust and cost effective solution and in our experience has yielded very positive results.  Some of the features we (as well as our customers) like:

  • Advanced product boosting (either at SKU level or based on attribute rules)
  • Comprehensive reporting (which products are performing best)
  • Natural language processing (deeper understanding around queries)
  • Machine learned results (self-learning based on what users are searching)
  • Ability to index more content
  • Quick search (fast search results
  • Awesome UX (results in a user-friendly layout)

We have seen improved search results and increased conversions with the implementations we have completed for our customers. If you are interested to find out more, stay tuned as we dig deeper into the topic of site/product searching in our March series of social posts, blog posts and our new upcoming newsletter. We will be exploring features around Klevu and a client success story later this month.

In the mean time, please add your comments below and let’s get social!  Like us on Facebookfollow us on TwitterInstagram and on Linked In.

Thanks for stopping by!

Crimson Agility Team

IS YOUR MAGENTO SITE SECURE?

/0 Comments/in /by

Let’s face it, hackers are out there. They are a fact of life in cyberspace. Magento is diligent about making sure that they plug vulnerability holes wherever they exist in the infrastructure of your Magento e-commerce site.  Let Crimson Agility update your Magento platform to keep it secure. Your Magento platform is there, to supercharge your e-Commerce site. Just like with any computer system, maintenance is an important factor. Magento and Crimson Agility take security very serious and the newly released critical security updates are important to keep hackers at bay.

Here are some of the things we can help you with:

SUPEE-10266 Security Patch
For Magento 1.x and 2.x versions, the Security Update SUPEE-10266 was created to address recently identified vulnerabilities. You can check your site at MageReport.com for an assessment of your site’s health and security before and after applying the security update.

Update to the latest version of Magento
In addition to security patches, updating your version of Magento to the latest version will also help keep your site in tip top shape.

For Magento Commerce the latest version is 1.14.6 and Open Source to 1.9.3.6.  The latest versions contain multiple security enhancements that help close cross-site request forgery (CSRF), unauthorized data leak, and authenticated Admin user remote code execution vulnerabilities.

For Magento 2.x, update to Magento 2.0.10 for Community Edition and Magento 2.1.2 for Enterprise Edition for the latest security updates. The Magento 2.0 Upgrade Guide and Magento Security Best Practices are great resources for keeping your Magento site safe and secure.

Keeping your Magento E-commerce site up to date and secure can be a daunting task, but it doesn’t have to be. Just call Crimson Agility today we can get your upgrade scheduled and done in no time at all! Contact us and we’ll answer your questions.

Until next time, let’s get social!  Like us on Facebookfollow us on TwitterInstagram and on Linked In.

Thanks for stopping by!

Crimson Agility Team

NEW MAGENTO SECURITY UPDATE – SUPEE-8788

/0 Comments/in , /by

Let’s keep your Magento platform up-to-date and secure.  Your Magento platform is there to supercharge your e-Commerce. Just like with any computer system, maintenance is an important factor. Magento and Crimson Agility take security very seriously and the newly released critical security updates are important to your Magento site’s security and performance.

 

For Magento 1.0, the Security Update, SUPEE-8788, was created to address recently identified vulnerabilities.  If you need assistance with this update or any update, contact Crimson Agility to get this scheduled and to keep your Magento platform secure.  You can check MageReport.com for an assessment of your sites health and security before and after applying the security update.

In addition, Magento released upgrades to Magento Community Edition and Enterprise Edition, versions 1.9.3 and 1.14.3 respectively.  With these new releases Magento had added support for PHP 5.6 which has some significant performance benefits.  Check the Magento 1.9.3 and 1.14.3 release notes for more fixes and new features.

For Magento 2.0, download Magento 2.0.10 for Community Edition and Magento 2.1.2 for Enterprise Edition for the latest security updates.  The Magento 2.0 Upgrade Guide and Magento Security Best Practices are great resources for keeping your Magento site safe and secure.  For the less technical, call Crimson Agility today to get your upgrade scheduled.

If you have any questions on these security updates or upgrades, contact us and we’ll answer your questions.  We have already updated over 40 sites for our current clients.