Security
There are multiple ways to secure your store and maintain your data security:
- Set up two-factor authentication
- Implement CAPTCHA or reCAPTCHA
- Set up a Security Scan for each domain in your ÃÛ¶¹ÊÓƵ Commerce or Magento Open Source installation.
Visit the to get the latest news about potential vulnerabilities, register for ÃÛ¶¹ÊÓƵ Security notifications, and access the ÃÛ¶¹ÊÓƵ Trust Center.
For information about security best practices, see Secure your Commerce Site and Infrastructure in the Implementation Playbook.
Security action plan
If you suspect that your ÃÛ¶¹ÊÓƵ Commerce or Magento Open Source site is compromised, follow this action plan without delay.
-
Diagnose: Run a scan to establish the security status of your Commerce store. Commerce Security Scan is a free service offered by ÃÛ¶¹ÊÓƵ that allows you to monitor your Commerce sites for known security risks and malware, and to receive security notifications.
-
Clean: Hire a or online service to clean your site of all malicious code. Some Commerce community members recommend . Check the
/mediafolder for leftover executable code. Remove all unknown Admin users and reset all Admin passwords. -
Protect: Keep your Commerce installation up to date with the most current release. If you are using an older version, apply all security patches as they become available. Review and follow . Subscribe to .
-
Report: If you think that you have found a specific vulnerability in Commerce, and include technical details.
-
Upgrade: For the additional peace of mind that comes from 24/7 support, plan your upgrade to now.