Have you been affected by the Magento Vulnerability?
If you haven’t undated your Magento to the latest version, or installed patches to keep you current, you may want to ensure that you haven’t been effected by the vulnerability by checking a few things
- Check your list of administrator users for unknown accounts.
- Check your Magento installation for any unknown files that were recently created and compare files to your code repository or your staging server.
- Check server access log files for request POST /index.php/admin/Cms_Wysiwyg/directive/index/ coming from unknown IP addresses.
- Run a tool to check for trojans (e.g. chkrootkit)
- Check for wrong permissions and any hidden files
- Check for suspicious ports being opened or redirections on OS level.
Full articles about the Magento 1.x and Magento 2.x issues are posted in the Magento Security Center. Additionally, all new releases and a separate USPS patch support recent USPS changes.
Magento Community Edition Update and Patches
The Magento Community Edition 2.0.1 release also contains several important functional updates, including official support for PHP7.0.2.
To download your update, please visit the Community Edition Download Page. These two patches (SUPEE-7405 and SUPEE-7616) are available to address security and USPS issues for Community Editions 126.96.36.199-188.8.131.52. Both sets of improvements are included in Community Edition 184.108.40.206 and Community Edition 2.0.1. Be sure to install all previous patches, if you haven’t done so already. All previous USPS patches must be installed for the new patch (SUPEE-7616) to work. We advise installing patches in a development environment before putting them into production.
Hostway now provides Managed Magento Support.
Hostway’s new Managed Magento Support includes but not limited to the following:
- Magento installation – including resetting a currently configured store to defaults, troubleshooting existing installations and package downloads
- Configuration – assistance with full product configuration including payment modules, shipping options, tax rates, languages, products, etc.
- Full Magento UI support – all types of “How-to” questions ranging from catalog setup to marketing related items like promotions, etc.
- Troubleshooting and bug/issue fixes – this includes diagnosis and potentially resolution of the vast majority of functional and/or visual issues with the product caused by misconfiguration or broken data entries. If issue is caused by custom code, support will only indicate the affected area and will only offer resetting it to default settings, if possible.
Need help keeping your Magento deployment running? Contact us today and let Hostway help you patch your Magento application.