Magento has released a new tool to monitor your site for known security risks, including patch updates, malware, and unauthorized access. The Magento Security Scan Tool is free and can be run on any version of Magento Commerce (formerly Enterprise Edition) or Magento Open Source (formerly Community Edition).
The Magento Security Scan Tool Includes:
- A real-time look at the security status of your Magento store. Fixes to potential vulnerabilities may be provided where applicable.
- More than 30 specific tests to find potential vulnerabilities, including missing Magento patches, possible configuration issues, and security best practices.
- Historical reports saved over time so Magento merchants and developers can monitor changes as well as track on improvements
- Reports that clearly show which security tests passed and failed, as well as potential remediation steps.
- Scheduling of scans for specific, recurring dates as well as an on-demand scan result
Setting Up Your Scan
The Security Scan Tool is relatively easy to set up. Create your merchant account on Magento.com, or login to your existing Magento account to generate your verification code. Add the code to your Magento Admin to verify you own the site, and you’re ready to go!
Step-by-step instructions are included in the Scan set-up.
Please note that depending on your Magento configuration and specific store set-up, it’s possible to generate false positives with the Magento Security Scan Tool. If you’re unsure if the scan is providing accurate results, your Human Element team can review your results, or perform the scan for you and give you more details.
Let Human Element Run Your Scan
For current Human Element clients, feel free to contact your Human Element project manager for support, or to evaluate your scan results. We’re happy to take a look at your report to ensure you’re getting accurate information. If you’re just learning about Human Element, we invite you to contact us for more information about an ongoing support contract.