Like any other business with a heavy online presence, e-commerce vendors often fall victims of various types of cyber threats. They may come both from outside and inside. Sadly, these two basic types of threats require different prevention measures.
With that in mind, we’ve gathered top security modules from our store in a Magento 2 Security Suite that offers advanced protection from the hacking attacks and admin malpractices.
So what’s in? Let’s check it out!
Security Suite for Magento 2
In 2018, over 70% of all retail attacks hit e-retailers. Besides, some threats come due to admin users’ carelessness. With Magento 2 Security Suite, you’ll address both. The Suite comprises 4 Magento 2 extensions:
Main features
- Protect your site from suspicious traffic with no damage to UX: Google reCaptcha analyzes the requests and sends quizzes only in case of weird traffic, so valid users can navigate your store with no interruptions.
- Provide seamless shopping experience for registered customers: enable reCaptcha for guest visitors only saving their time and efforts.
- Auto-delete annoying messages from bots and spammers: add invisible reCaptcha to registration, comment, review and other forms to save time on processing.
- Keep track of all admins’ activities in the store backend: see who logged in, see the actions performed, check the changes in detail, restore them to the initial state.
- Monitor admins’ sessions in real time to stop any suspicious session in a click.
- Enable admin’s page visit history to see order comments made by admins.
- Keep an eye on all login attempts: view all login attempts and their recaps (e.g.IP, store location) on an easy-to-use grid.
- Stay in the know of login attempts to timely prevent threats: choose a template and enable automatic emails to inform you about Successful, Unsuccessful and Suspicious login.
- Boost store immunity to major cyber threats: add an extra layer of business account protection and ensure prevention from 99% of malicious attacks.
- Ensure protection even if your credentials got exposed: hackers won’t be able to access your account without Google Authenticator code that changes every 30 secs.
- Make sure critical business data stays sealed: set up 2FA for certain admin roles.
- Set up a white API list to spare complex authentication for selected users.
- Give your admins access only to a limited number of store sections: specify Role resources relevant to each admin role and select the permitted actions.
- Prevent irrelevant changes and mistakes: specify the Access Scope for each role – allow all websites or specify particular websites and store views.
Summing up
This time we concentrated on providing comprehensive e-store security. We selected 4 Magento 2 modules and united them in a reliable Security Suite. The Suite aims to shield your store both from malicious hacking attacks and admin carelessness.
So does it work for you?
Please leave a comment below!
Without Product Purchase management module aka Procurement Management Magento 2 even with MSI is almost uselss. Its just virtual play where you can modify stock without any real tracking stock movements and purchases.
I would pay for extension that ads Product purchase and stock movements options to Magento MSI features
Hi Tomek, thanks for reading and sharing your opinion, it’s very valuable for us! The functionality of our Advanced MSI you are talking about is already a part of our development team plans. As you may see, we go on adding new features and extending the extension functionality. You can learn it directly from the product changelog or from the monthly updates post. Now we are working on the module to calculate shipping costs taking into account the warehouses. So, the needed feature will soon be included in the functionality. Please, feel free to share all your desires regarding any… Read more »