Magento EOL: Am I able to retain PCI Compliance on Magento 1?
With Magento’s end of life (EOL) fast approaching we’ve had some clients raise the question – ‘Are we still PCI compliant after June?’. PCI compliance can be very ambiguous with the PCI Council rarely commenting on specifics. This has led some actors to jump in and claim that they’ll look after clients wanting to stay … Continue reading
Debugging Magento 2 Varnish
Magento 2 comes with two options for full page cache (FPC), Built In Varnish Its worth noting that only dynamic content is cached with Magento 2 - and that we don't recommend using Varnish to cache static content. There's nil performance benefit and it will actually reduce performance as Varnish is overburdened with static assets … Continue reading
Magento 2 Myth Busting: Solving 5 Common Migration Issues
Magento 1 will reach its official end of life in June 2020. We know, we know, you’ve already heard that sentence a thousand times over since Magento made the announcement last September. But hear us out, we’re not here to go over Magento 1 end of life again, we’re here to talk about what the … Continue reading
Magento 1 End of Life? Confirmed... Sort of.
In June 2017, we published an article outlining the reasons why we believed Magento 1 end of life wouldn’t be happening anytime soon. Now we’re back, reviewing the topic again to see how our opinions and recommendations have changed in the last 2 years. To recap, we wrote our original article in response to concerns … Continue reading
Patching Magento SUPEE-10975
SUPEE-10975 is an important security update for Magento to address remote code execution and SQL injection vulnerabilities. Where to download Its best downloading the patch from the Magento.com download section - or via MDA - the Magento download tool (this is what this guide will use). Dependencies SUPEE-10975 Applying the patch The application of this … Continue reading
SSL Doesn't mean secure
Holy bait-title Batman. Okay, I'll hold my hands up and say that the first word in SSL is literally the word "Secure", so what I'm actually saying is that SSL alone doesn't mean security. Security is one of the four pillars that we promote at Sonassi; we are huge advocates in educating merchants as to … Continue reading
Announcing Accelerated HTTP2
MageStack's powerful and free CDN has supported HTTP/2 for a long while now, but its a feature we've been desperate to add to the wider stack, so that the full request stream can be delivered over HTTP/2. Part of the delay for this was waiting on full vendor support from some underlying applications that we … Continue reading
Patching Magento SUPEE-10888
SUPEE-10888 is an important security update for Magento to address remote code execution and SQL injection vulnerabilities. Where to download Its best downloading the patch from the Magento.com download section - or via MDA - the Magento download tool (this is what this guide will use). Dependencies SUPEE-10888 Applying the patch The application of this … Continue reading
Patching Magento SUPEE-10752
SUPEE-10752 is an important security update for Magento to address remote code execution and SQL injection vulnerabilities. Where to download Its best downloading the patch from the Magento.com download section - or via MDA - the Magento download tool (this is what this guide will use). Dependencies SUPEE-10570 Applying the patch The application of this … Continue reading
FAQ: How does the MageStack WAF compare to commercial products?
"Ask Sonassi" are excerpts taken from email responses to customer enquiries, used to quickly help inform you as a customer Does MageStack's WAF contain reports and information about threats and attacks blocked in a similar manner to Incapsula? Whilst we offer a very comprehensive firewall policy, I’ll be honest, we’re not here to rival Incapsula … Continue reading