0

I have a headache with my shop, which uses Magento: it is very vulnerable to hacking by bots or other people. They often add scripts and files to send spam mail.

I think they come in through old files, so I tried to update all add-ons and WordPress (integrated with Magento). I updated everything except the Magento files; I have the 1.8 CE version. I tried to keep my shop safe using some security tricks from blogs I found. When I did that, I thought it was the end of my problems! But today I opened a mail from my hosting provider saying that my server had sent a lot of spam.

Are there ways to secure my shop against future attacks? What do I have to do when I clean up my shop?

Sebazz

2 Answers

1

If your shop is as compromised as you say here, the only way to protect yourself is to start from scratch: a new host (or a reinstalled host), with proper defenses installed (like firewalls). Use a proper webshop that has withstood security tests (Drupal Commerce, for example, but I am biased towards Drupal). I would also suggest you get a local webshop expert to help you get a safe environment.

Good luck.

LvB
1

My company recently experienced a compromised Magento instance. Below I will outline the course of action we took to handle the breach and mitigate the risk of any personal data/payment information being stolen or put at further risk.

1. Disable the shop and MySQL accounts and investigate what data was likely to have been stolen/edited
2. Investigate the exploit that was used and understand the extent of the breach
3. Notify the appropriate authorities where necessary (card processor and ICO)
4. Rebuild a new instance of our Magento shop without re-using any of the old files/databases that were compromised
5. Ensure that the new installation is PCI compliant and secure
6. Undertake PFI Lite investigation (enforced by VISA)
7. Continue trading from the new Magento instance

I think that arguments about which e-commerce platform is better or worse are out of the scope of this question. They are all at risk of being exploited, but I have found that with Magento (as long as you keep up to date with them) patches are released promptly for exploits. Where you can start running into problems is when you have a lot of plugins installed, as each of them is a potential attack vector.

Anyway, I hope this helps! Good luck!

Aaron Dobbing