SSH warnings when working with multiple stacks

If you have multiple separate stacks with Sonassi, you will find that connecting to different stacks and accessing SSH is going to trigger a warning, WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! This is caused by the fact all MageStack stacks … Continue reading

Optimise Images

There is a native tool in MageStack to losslessly optimise images. This means images use less disk space and are served to the customer faster - without losing any quality. The utility can be accessed by running, image_optimise.sh Only a … Continue reading

Optimal Static Content Subdomain Configuration

Using subdomains for serving static content on your store will improve both performance and cacheability of static assets. Making this change is very straightforward and can be completed in a few minutes. In this example, we'll assume the domain is … Continue reading

Installing/Using Composer

MageStack natively supports Composer and comes with a built in installer for the tool. Running in a Wrapper As with all tools run by command line, they need to be run in a wrapper to guarantee the application is running … Continue reading

Reset File Permissions In Domain Group

MageStack provides extremely consistent file permissions across all services (SSH/FTP/Web) when used correctly. However, misuse/abuse of the root user or incorrectly manually set permissions can lead to both security and stability problems. A script to reset permissions can be found … Continue reading

Hardening/Securing your Magento Store

Magento is a secure application out-of-the-box, but it should be supplemented by further measures to ensure it is as secure as possible. Below is a series of steps on securing/hardening your Magento store. Do not use the root account or … Continue reading

Audit Logging

MageStack performs a number of different automated audits for security purposes, this includes access, file changes and PHP code differentials. The data is stored in the logs directory for the respective host it applies to. Access Type Host Magento vulnerability … Continue reading

Securely running cron tasks

The isolation of web server and access server in MageStack provides excellent security for your SSH/FTP (access) environment from that of the web. The automated element that connects the web server, to the access server is the Magento document root, … Continue reading

Adding an SSH user

Adding a SSH user is performed via SSH. Log into your acc server and switch user to root su -l root /microcloud/scripts_ro/create_ssh_user.sh -h There are a number of options that can be supplied to create a SSH user create_ssh_user.sh Usage: … Continue reading

Analysing DOS blocks by country

It can unfortunately be a common occurrence that certain countries are a source of DOS attacks or aggressive crawl bots. It is also possible that these countries do not form part of your target demographic, and as such, it isn't … Continue reading