Magento

Table of ContentsMagento Connect Config Flush Attack SQL Injection Bad Bots/Crawlers/ScrapersThere's a number of common attacks on Magento stores; that can range from aggressive crawlers/bots, to XSS attacks, to severe SQL/compromise attacks. There are two approaches to dealing with attacks of this nature, Automated - Through the use of a WAF Manual - By traversing … Continue reading

Table of ContentsAfter DB Import Prior to DB Dump/ImportAn issue we (admittedly infrequently) come across when moving Magento stores from one server to another, is when the previous server's time was incorrect - causing all historical order data to be incorrect on MySQL import. More often than not, we see stores migrated from US West … Continue reading

Edit shell/abstract.php and add Mage::app()->addEventArea('adminhtml'); public function __construct() { if ($this->_includeMage) { require_once $this->_getRootPath() . 'app' . DIRECTORY_SEPARATOR . 'Mage.php'; Mage::app($this->_appCode, $this->_appType); + Mage::app()->addEventArea('adminhtml'); } $this->_applyPhpVariables(); $this->_parseArgs(); $this->_construct(); $this->_validate(); $this->_showHelp(); }

We recently needed to try and identify all HTTPS URI's in a customer's store and had to quickly write a script to scan the core, local and community directories to find any pages that used HTTPS. This is by no means 100% accurate, but will be a good starter indication of finding URL's that are … Continue reading

Table of ContentsDownloading Mage-Perftest Using Mage-Perftest Examples of use Generate Sitemaps on MageStackMage-Perftest is a simple Linux command line tool to test the performance of your Magento store, it can perform a number of clever operations which makes it far more suitable than siege or ab. Its not a replacement for fully fledged simulation tools … Continue reading