Sucuri reports an stored cross site scripting (XSS) vulnerability in Magento CE <126.96.36.199 and Magento EE <188.8.131.52. This vulnerability affects almost every install of these versions, time to upgrade your Magento webshop!
Does Magento 2 throw an error about
always_populate_raw_post_data being set to
0? And are you having problems installing or updating Magento with PHP 5.6 and PHP 7? Then read on, because here is how to fix upgrades to Magento 2.0 in PHP 5.6 and higher: PHP 7+.
Web security firm Sucuri reports on their blog, that over 50% of all Magento installations haven’t applied a critical security patch (SUPEE-5344). Leaving them open to attacks. The security patch, to address a remote command execution (RCE) vulnerability, was released back in February.
Important Magento maintenance, now for IIS too: optimize the speed and performance of your Magento ecommerce webshop by carrying out important maintenance. Remove old MySQL database log files and Magento cache data on a regular basis.