Are these Magento security concerns urgent?
-
Hey Mozzers!
I recently started working with a new Magento programmer for our ecommerce site. He sent me this scan/report outlining some security issues that need to be addressed.
This is a new partnership so I'm not sure which issues should be a major concern, or if I should not focus on them. Would you be able to give me your opinion on the importance of the security issues?
https://www.magereport.com/scan/?s=http://metallumcreations.com/
-
Hi localwork!
If Ryan answered your question, would you mind marking his response as a "Good Answer?" It'll get him some bonus MozPoints, and it helps us keep track of things.
-
Thanks for the response Ryan!
Clients are always showing me the spam emails they receive with immediate 'warnings about site security'. Since this is a new partnership with this particular programmer, I couldn't discern whether the issues were important/critical or junk.
Thanks again!
-
It's a best practice to make sure your whatever software your site is using is patched and up to the latest addition. A high risk warning from that page, "Patch SUPEE-6285 fixes a leak where hackers can take over customer's sessions and download lists of your shop's order details through the RSS feature. Released July 7th, 2015." Would certainly be worth fixing.
From an search perspective, Google has stated that security is a ranking signal: https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google.
Beyond our own stuff, we’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure. For instance, we have created resources to help webmasters prevent and fix security breaches on their sites.
We want to go even further. At Google I/O a few months ago, we called for “HTTPS everywhere” on the web.
So making sure your site is secure can have multiple benefits.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Disavow straightaway? - Urgent
Is there any implication with disavowing straightaway from Google's perspective? I know good practice is to request removal from the web host, however I don't have the time to contact and process the requests. Any thoughts?
Intermediate & Advanced SEO | | seoman100 -
Trailing Slashes for Magento CMS pages - 2 URLS - Duplicate content
Hello, Can anyone help me find a solution to Fixing and Creating Magento CMS pages to only use one URL and not two URLS? www.domain.com/testpage www.domain.com/testpage/ I found a previous article that applies to my issue, which is using htaccess to redirect request for pages in magento 301 redirect to slash URL from the non-slash URL. I dont understand the syntax fully in htaccess , but I used this code below. This code below fixed the CMS page redirection but caused issues on other pages, like all my categories and products with this error: "This webpage has a redirect loop ERR_TOO_MANY_REDIRECTS" Assuming you're running at domain root. Change to working directory if needed. RewriteBase / # www check If you're running in a subdirectory, then you'll need to add that in to the redirected url (http://www.mydomain.com/subdirectory/$1 RewriteCond %{HTTP_HOST} !^www. [NC]
Intermediate & Advanced SEO | | iamgreenminded
RewriteRule ^(.*)$ http://www.mydomain.com/$1 [R=301,L] Trailing slash check Don't fix direct file links RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_URI} !(.)/$
RewriteRule ^(.)$ $1/ [L,R=301] Finally, forward everything to your front-controller (index.php) RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [QSA,L]0 -
Magento Store Using Z-Blocks - Impact on SEO?
Hi Guys, I have a question relating to Z-Blocks in Magento. Our Magento store uses a lot of Z-Blocks, these are bits of content that are switched off and on depending on a customer’s user group. This allows us to target different offers and content to new customers (not logged in) and existing customers (logged in). Does anyone have any experience in how this impacts SEO? Thanks in advance!
Intermediate & Advanced SEO | | CarlWint0 -
Magento products and eBay - duplicate content risk?
Hi, We are selling about 1000 sticker products in our online store and would like to expand a large part of our products lineup to eBay as well. There are pretty good modules for this as I've heard. I'm just wondering if there will be duplicate content problems if I sync the products between Magento and eBay and they get uploaded to eBay with identical titles, descriptions and images? What's the workaround in this case? Thanks!
Intermediate & Advanced SEO | | speedbird12290 -
Recommended e-commerce site search for Magento?
Does anyone have recommendations for any particular site searches for large e-commerce sites based on Magento? Some (hopeful) requirements: Possibility to segment product pages and blog content on results page Doesn't cause any major SEO or technical issues Understands semantic search Ability to filter results Ability to sort (e.g. by price, popularity, new in stock) It'd be really useful to see examples and know if there are any particular issues to be aware of. Thanks. 🙂
Intermediate & Advanced SEO | | Alex-Harford0 -
Duplicate Title - Magento Products / Kunena Forum - Nofollow vs. Follow
Hello Mozzers! This is my first post so hopefully I can explain this in a way that is clear! I just signed up for my PRO membership and wanted to finally start hacking away at this companies site that I work for. I ran my report and noticed my Crawl Diagnostics: 715 Dupliate Page Titles I noticed that a lot those were coming from the customer login in magento. So I added the: User-agent: *Disallow:/customer/ as mentioned in this link: http://stackoverflow.com/questions/10742052/duplicate-content-issues-for-login-page Any suggestions on that? Also, We have a Kunena forum on our site and have noticed all of the nofollow links. People say I should change them to follow links, but other people say leave them or I will get penalized. Any advice would be greatly appreciated!
Intermediate & Advanced SEO | | NRMWEBWORKS0 -
Redirecting Canonical 301s and Magento Website
I have an issue with a client's website where it has 3700+ pages, but roughly half of them are duplicates. Thankfully, the only difference between the original and the duplictes is the "?print" at the end of each URL (I suppose this is Magento's way of making a printable page version of the same page. I don't know, I didn't build it.) My questions is, how can I get all the pages like this http://www.mycompany.com/blah.html?print to redirect to pages like this... http://www.mycompany.com/blah.html Also, do they NEED to be Canonical, or will a 301 redirect be sufficient. Also, after having done this, if anybody knows, is there a way I can turn that feature off in Magento, because we're expanding our product line, and I don't want to have to keep chasing after these "?print" pages after the fact.
Intermediate & Advanced SEO | | ClifThompson0 -
SEO value of Articles, Magento vs. Wordpress?
Our e-commerce site is running on the Magento platform while the blog for the site is integrated and is on the Wordpress platform. The blog is not on a separate subdomain, so it is on www.website.con/blog. What I wonder is how Google treats information on a Wordpress blog compared to pages created in the Magento CMS pages. Would a high quality content article posted as a blog post on the Wordpress have a lower SEO value than a page on the Magento? Thanks.
Intermediate & Advanced SEO | | ikomorin0