14 Oct

Patching SUPEE-8788

SUPEE-8788 is an important security update for Magento to address remote code execution and SQL injection vulnerabilities. Unfortunately, Magento have released two versions of SUPEE-8788 due to insufficient testing that lead to conflicts with previous patches. The original SUPEE-6788 patch (released before 14/10/2016) is known as SUPEE-8788 v1 (although, this it is not identified as … Continue reading

10 Apr

Identifying and blocking "Bad" Magento traffic

There's a number of common attacks on Magento stores; that can range from aggressive crawlers/bots, to XSS attacks, to severe SQL/compromise attacks. There are two approaches to dealing with attacks of this nature, Automated - Through the use of a WAF Manual - By traversing log files for patterns and blocking said patterns/sources as necessary … Continue reading

7 Apr

Correcting incorrect timestamp after server migration

An issue we (admittedly infrequently) come across when moving Magento stores from one server to another, is when the previous server's time was incorrect - causing all historical order data to be incorrect on MySQL import. More often than not, we see stores migrated from US West (-7:00) show orders that are in the future … Continue reading

4 Sep

Fix for "No search results" after CLI reindex on Magento Enterprise (SOLR)

Edit shell/abstract.php and add Mage::app()->addEventArea('adminhtml'); public function __construct() { if ($this->_includeMage) { require_once $this->_getRootPath() . 'app' . DIRECTORY_SEPARATOR . 'Mage.php'; Mage::app($this->_appCode, $this->_appType); + Mage::app()->addEventArea('adminhtml'); } $this->_applyPhpVariables(); $this->_parseArgs(); $this->_construct(); $this->_validate(); $this->_showHelp(); }

13 Jul

Simple Magento performance/load testing with Mage-Perftest

Mage-Perftest is a simple Linux command line tool to test the performance of your Magento store, it can perform a number of clever operations which makes it far more suitable than siege or ab. Its not a replacement for fully fledged simulation tools (like jMeter), but it is simple to set up and run. You … Continue reading

16 May

The nolocal theming and packaging methodology

So this will cause ultimate uproar and go against the grain of every Magento developer - but we've got a solid process for theming - that does not use local.xml (more on that later). We always work off the base/default template - but zero out the CSS. Even though all designs don't particularly lend themselves … Continue reading

10 May

Running Magento in PHP 5.4's built-in web server

Whilst this isn't a good idea for a production store, if you want to just experiment or develop locally, this works just fine. Instructions for Debian cat >> /etc/apt/sources.lst <<EOF deb http://packages.dotdeb.org squeeze-php54 all deb-src http://packages.dotdeb.org squeeze-php54 all EOF wget -qO - http://www.dotdeb.org/dotdeb.gpg | apt-key add - apt-get update apt-get install php5-cli php5-mysqlnd php5-mcrypt php5-common … Continue reading

26 Feb

Deconstructing the cache image path on Magento

Deconstructing the cache image path /media/catalog/product/cache/1/image/9df78eab33525d08d6e5fb8d27136e95/m/e/me-d1_2.jpg |___________________________|_|_____|________________________________|_|_|__________| | | | | | | | Cache Directory | | | | | | Mage/Catalog/Model/Product/Media/Config.php | | | | getBaseMediaPath() | | | | | | | | | | | | | | | | | | Store ID | | | | Mage::app()->getStore()->getId() | | … Continue reading