What is this?

Securing Magento is a blog to share news and knowledge about developments in Magento security. It is written for those who develop for and host

What is Magento?

Magento is a popular open source and commercial e-commerce platform.

Magento 2.X is the current version why is most content about Magento 1.X

The intention is to cover both Magento 1.X which is commonly used for many web stores as well as Magento 2.X which is a substantial rewrite with fewer existing stores.

Is this official in any way?

I am not affiliated to Magento Inc in any way and are I am therefore indebted to the work of the developers and maintainers of Magento, so be nice.

There is already official Magento Security News, Why write this stuff?

This content is intended to have slightly different focus to other sites. It details how attacks are performed despite the risk that this information could be used for no good. I feel that this is important to keep security interesting and not a dry maintenance task.

You made a mistake.

Contact me if I get anything wrong or if you have knowledge to share.