Month: April 2015
Optimal Static Content Subdomain Configuration
Table of ContentsConfigure DNS Records Create Subdomains/Vhosts Change Magento URLs Secure the vhost Strip Cookies From FilesUsing subdomains for serving static content on your store will improve both performance and cacheability of static assets. Making this change is very straightforward … Continue reading
Implementing Vary:User-Agent
MageStack natively supports the Vary: User-Agent header, however, as it isn't a setting applicable to all stores, it is disabled by default. To enable the User-Agent vary header, you only need to set a single variable in your vhosts configuration, … Continue reading
PCI-DSS SAQ & Responsibility Matrix
Table of ContentsPhysical Architecture SAQ AnswersPCI Compliance is a merchants responsibility. Some questions within your SAQ relate to infrastructure/server configuration, for which you can find the scope and appropriate answer below. Physical Architecture SAQ Answers Section Scope Response Condition 1.1.1 … Continue reading
Identifying and blocking "Bad" Magento traffic
Table of ContentsMagento Connect Config Flush Attack SQL Injection Bad Bots/Crawlers/ScrapersThere's a number of common attacks on Magento stores; that can range from aggressive crawlers/bots, to XSS attacks, to severe SQL/compromise attacks. There are two approaches to dealing with attacks … Continue reading
Rate Limiting Requests
Table of ContentsOptions Enabling Custom Rate Limiter Examples Rate limit AJAX search to 1 request per 10 seconds Rate limit AJAX search to 1 request per 10 seconds, but whitelist given IPs Rate limit AJAX search to 1 request per … Continue reading
Installing Composer
Table of ContentsInstallationSonassi natively supports Composer, you can install and run composer in the conventional way for Linux for a global installation. Installation Composer is installed globally using the default installation method. cd /home/www-data curl -sS https://getcomposer.org/installer | php -- … Continue reading
Correcting incorrect timestamp after server migration
Table of ContentsAfter DB Import Prior to DB Dump/ImportAn issue we (admittedly infrequently) come across when moving Magento stores from one server to another, is when the previous server's time was incorrect - causing all historical order data to be … Continue reading