A security resouces list for Magento by Alessandro Ronchi
|
|
0
|
9
|
August 5, 2024
|
«Release & Hotfix matrix for Magento 2 / Adobe Commerce» by Sansec
|
|
0
|
13
|
August 5, 2024
|
«Magento core vulnerabilities» by Sansec
|
|
0
|
6
|
August 5, 2024
|
How to prevent an infection of `pub/health_check.php` in 2.3.3-p1 ≤ Magento ≤ 2.3.7-p2 and 2.4.0 ≤ Magento ≤ 2.4.3-p1?
|
|
1
|
276
|
January 31, 2024
|
How to fix «Your current session has been expired» frontend error in Magento 2.3 ≥ 2.3.7 and Magento 2.4 ≥ 2.4.3?
|
|
1
|
530
|
July 2, 2023
|
How to fix «Session size of <…> exceeded allowed session max size of <…>» in Magento 2.3 ≥ 2.3.7 and Magento 2.4 ≥ 2.4.3?
|
|
1
|
575
|
July 2, 2023
|
How to fix «Your current session has been expired» backend error in Magento 2.3 ≥ 2.3.7 and Magento 2.4 ≥ 2.4.3?
|
|
2
|
646
|
July 2, 2023
|
How to disable the standard Magento 2 authentication timeouts from the command line?
|
|
0
|
1603
|
March 3, 2018
|
How should my extension check whether an AlphaHPP's response message is sent by AlphaCommerceHub or by a hacker?
|
|
2
|
637
|
December 1, 2017
|
[AlphaCommerceHub] How is the APIs authentication security implemented?
|
|
1
|
675
|
October 25, 2017
|
[AlphaCommerceHub] What is «Crypto ID»?
|
|
1
|
843
|
October 25, 2017
|
[PostFinance] How to setup the «Hash algorithm» option?
|
|
1
|
1071
|
August 20, 2017
|
[PostFinance] How to setup the «Compose the string to be hashed by concatenating the value of» option?
|
|
1
|
953
|
August 20, 2017
|
[PostFinance] How to setup the «Character encoding» option?
|
|
1
|
844
|
August 20, 2017
|
What is the Magento_Security module for?
|
|
2
|
2204
|
June 21, 2017
|
How are the «secureUrlList» and «excludedUrlList» arguments injected to the \Magento\Framework\Url\SecurityInfo's constructor?
|
|
1
|
1791
|
May 31, 2016
|
When Magento will stop releasing security patches for Magento EE 1.14?
|
|
1
|
1355
|
July 7, 2016
|
How to fix the «SSL certificate problem: unable to get local issuer certificate» issue while signing into a Magento Marketplace account on the backend Component Manager screen?
|
|
3
|
4588
|
May 4, 2017
|
All the Magento 2 websites based on the latest 2.1.6 and or an earlier version with the disabled «Add Secret Key to URLs» option are vulnerable to DC-2017-04-003 (Remote Code Execution, CSRF))
|
|
0
|
936
|
April 14, 2017
|
How to programmatically build a store's URL with the forced HTTPS protocol using the «_secure» parameter?
|
|
1
|
8606
|
May 31, 2016
|
How is the \Magento\Store\Model\Store::XML_PATH_SECURE_IN_ADMINHTML constant declared and used?
|
|
1
|
1280
|
May 31, 2016
|
How is the \Magento\Store\Model\Store::XML_PATH_SECURE_IN_FRONTEND constant declared and used?
|
|
1
|
2570
|
May 31, 2016
|
How is \Magento\Framework\Url\SecurityInfo::isSecure() implemented and used?
|
|
1
|
1877
|
May 31, 2016
|
How is the «web/secure/use_in_adminhtml» option implemented and used?
|
|
1
|
3127
|
May 30, 2016
|
How is the «web/secure/use_in_frontend» option implemented and used?
|
|
1
|
2708
|
May 30, 2016
|
How to force HTTPS for the frontend URLs?
|
|
1
|
11598
|
May 30, 2016
|
How to force HTTPS for the backend URLs?
|
|
1
|
2904
|
May 30, 2016
|
How to reset the «Secure Base URL for Static View Files» option value by an SQL query?
|
|
1
|
5232
|
March 25, 2016
|
How to reset the «Secure Base URL for User Media Files» option value by an SQL query?
|
|
1
|
2599
|
March 25, 2016
|
How is the \Magento\Security\Model\AdminSessionsManager::logoutOtherUserSessions() implemented and used?
|
|
1
|
2294
|
April 10, 2016
|