Keep Your Magento Store Updated to Prevent Getting Hacked

by Maaz Shah  February 4, 2016

Magento is one of the most preferred ecommerce software that is used by some of the biggest brands in the online commerce industry. That is one of the main reasons why it is at the receiving end of attacks from hackers.

Recently, Magento released new patches and asked all the Magento users to apply them as soon as possible. However, users react a bit slow out of fear of disrupting their flow of online commerce business.

If you are familiar with Murphy’s law, “things will go wrong in any given situation, if you give them a chance,” or more commonly, “whatever can go wrong, will go wrong.” Unfortunately, when you react slowly, you are actually giving a chance for things to go horribly wrong. Additionally, if your are not patching your Magento stores on time, then your website gets compromised and you lose out on sales and trust of customers.

If you are still thinking, what is the worst that can happen, then let me explain what can happen. If your site is not properly patched hackers can inject code in your Magento app and make them work for their own benefit. You may ask, how they can they do that? Let me explain.

I have encountered an issue which was really serious. When applying the latest patch, it occurred that the following file was already compromised app/code/core/Mage/Checkout/controllers/OnepageController.php,  thus the application of the patch failed

The following piece of code was appended in the file:

This code was found inside the public function savePaymentAction() in OnePageController.php. This OnePageController.php is located in app/code/core/Mage/Checkout/controllers/OnepageController.php

Originally, the function should be like this:

Now this added piece of code puts all the Credit Card details in an image, which can be pulled by the hacker. The additional layer of security of Cloudways Managed Magento server means that Cloudways customers remained safe. We strongly suggest you to apply all the patches right away to avoid multiple types of vulnerabilities.

Just imagine, all the credit card information of all your customers leaked! This would spell disaster for you and your Magento ecommerce store.

Start Creating Web Apps on Managed Cloud Servers Now!

Easy Web App Deployment for Agencies, Developers and E-Commerce Industry

About Maaz Shah

Maaz Shah works as System Engineer for Cloudways. His days are spent in tackling technical troubles.

Stay Connected:

You Might Also Like...