Category: Magento

Magento CE 1.9.3 was published on 11th October 2016, it delivers various code improvements, fixes few known issues and closes some very important security holes. Beside quality improvement of code, new version brings support for PHP 5.6 in addition to PHP 5.4 and 5.5. (PHP 7 is still not supported). Security enhancements addresses some general issues like (to mention few): remote Code Execution in checkout, SQL injection in Zend Framework, Stored XSS in invitations. Also there are several password enhancements...

As you probably noticed, during the installation Magento gives you different options where to store session data. The two options are File system and Database File system is selected by default and session files are stored in var/session folder. The other option, to store session in Database, is usually used when you are hosting Magento store on multiple web servers (cloud hosting). If, from some reason, you need to clear all the session data, you would usually just need to...

One of the leading information security companies, Trustwave, released the 2016 Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2015. Even though the report only confirmed what we have been suspecting over the last year, some of the data, especially those considering ecommerce, were somewhat shocking. We would like to share some interesting facts from the report, especially those considering compromised ecommerce websites and, as the Trustwave report shows, by "compromised ecommerce" we...

Magento Security Team published a list of steps required to prevent brute-force attacks. How effective are they, and will the non-tech savvy users be able to implement them? In the past couple of weeks the Magento community noticed an increased attempts to break into Magento webshops by using so called brute force attacks - automatically trying out different combinations of passwords until the right one is guessed. Some of these attacks have resulted in unauthorized admin panel access and several...

Loading time is an important part of your website’s user experience. If your site is slow, you are losing conversions, which can really take a toll on your profit. When it comes to site speed it is very important that your store runs smoothly, quickly and securely. Choosing the right hosting provider has a big impact on your website's performance. A while ago we wrote a blog post about choosing the best hosting for Magento. Today, we are focusing on...

"No business is safe from hackers, I’ve had the chance to see it for myself. That’s why I would like to share my experience with all online store owners. My friend, also an owner of a web shop, was recently hit by a hacker attack. His site seemed just fine, all he noticed was a significant drop in sales," states Brad S., owner of madamebridal.com. “After a couple of months of trying to figure out what is going on, he...

Simple Configurable Products (in further text - SCP) changes how pricing of configurable products works in Magento. Configurable product's own price is never used, instead the price used is that of the matching associated product. SCP gives site owners direct control to set the price of every configuration of a product, no need to use price modifiers based on attribute options. Beside price rules SCP changes product custom options rules, any custom options assigned to Configurable Product will be ignored....

Latest Magento Patch SUPEE-6788, addresses several serious security issues and it is highly recommended to apply it right away. However, patch will make changes that may possibly break backward compatibility with extensions or customization's that are made on store. In view of recent events, we would like to announce that your modules are fully compatible with the latest version of Magento 1.9.2.2. Applying patch will not cause any issues with already installed Extensionsmall modules, they will continue to work without need...

Until recently, Magento was considered one of the most secure platforms. Security patches between versions were rare and dealing with specific issues. In the last few months, things have changed and we have already got several patches that were resolving serious security issues. Applying the patch was necessary to prevent Magento from being infected. Once the files are corrupted, it is just a matter of time when malware code can be executed and who knows what kind of damage could...

Easy integration of 'Color Swatch' module is one of main reasons why customers still prefer our plugin among other swatch plugins. While integration into theme in most cases is quite straight forward process (our module is fully compatible with most popular themes for Magento), we went one step further and integrated module into Shopper theme that use 'Excellence Ajax Module for Magento'. Site owner idea was to allow customers simple way to add various products right from catalog page, without...