Are these Magento security concerns urgent?
-
Hey Mozzers!
I recently started working with a new Magento programmer for our ecommerce site. He sent me this scan/report outlining some security issues that need to be addressed.
This is a new partnership so I'm not sure which issues should be a major concern, or if I should not focus on them. Would you be able to give me your opinion on the importance of the security issues?
https://www.magereport.com/scan/?s=http://metallumcreations.com/
-
Hi localwork!
If Ryan answered your question, would you mind marking his response as a "Good Answer?" It'll get him some bonus MozPoints, and it helps us keep track of things.
-
Thanks for the response Ryan!
Clients are always showing me the spam emails they receive with immediate 'warnings about site security'. Since this is a new partnership with this particular programmer, I couldn't discern whether the issues were important/critical or junk.
Thanks again!
-
It's a best practice to make sure your whatever software your site is using is patched and up to the latest addition. A high risk warning from that page, "Patch SUPEE-6285 fixes a leak where hackers can take over customer's sessions and download lists of your shop's order details through the RSS feature. Released July 7th, 2015." Would certainly be worth fixing.
From an search perspective, Google has stated that security is a ranking signal: https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google.
Beyond our own stuff, we’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure. For instance, we have created resources to help webmasters prevent and fix security breaches on their sites.
We want to go even further. At Google I/O a few months ago, we called for “HTTPS everywhere” on the web.
So making sure your site is secure can have multiple benefits.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Magento & Accelerated Mobile Pages
Hi Folks, With Google rolling out changes to AMP & webmasters being encouraged to implement AMP.
Intermediate & Advanced SEO | | Patrick_556
Has anyone had any experiences implementing AMP for Magento Ecommerce. I understand that AMP is primary for articles & blog posts, but assuming AMP could be implemented on Product Pages, they would load faster & offer a better user experience & a step in the right direction What do you guys think? Many Thanks,
Patrick0 -
Help with facet URLs in Magento
Hi Guys, Wondering if I can get some technical help here... We have our site britishbraces.co.uk , built in Magento. As per eCommerce sites, we have paginated pages throughout. These have rel=next/prev implemented but not correctly ( as it is not in is it in ) - this fix is in process. Our canonicals are currently incorrect as far as I believe, as even when content is filtered, the canonical takes you back to the first page URL. For example, http://www.britishbraces.co.uk/braces/x-style.html?ajaxcatalog=true&brand=380&max=51.19&min=31.19 Canonical to... http://www.britishbraces.co.uk/braces/x-style.html Which I understand to be incorrect. As I want the coloured filtered pages to be indexed ( due to search volume for colour related queries ), but I don't want the price filtered pages to be indexed - I am unsure how to implement the solution? As I understand, because rel=next/prev implemented ( with no View All page ), the rel=canonical is not necessary as Google understands page 1 is the first page in the series. Therefore, once a user has filtered by colour, there should then be a canonical pointing to the coloured filter URL? ( e.g. /product/black ) But when a user filters by price, there should be noindex on those URLs ? Or can this be blocked in robots.txt prior? My head is a little confused here and I know we have an issue because our amount of indexed pages is increasing day by day but to no solution of the facet urls. Can anybody help - apologies in advance if I have confused the matter. Thanks
Intermediate & Advanced SEO | | HappyJackJr0 -
Ranking with subdomain - Urgent
Does anyone have any experience if it is possible to get a website ranking on a subdomain? I'm trying out a business idea and need to keep costs to an absolute minimum. I have a site which I designed in wix.com they give a free subdomain and I want to know if there's any chance of getting it to rank Thanks
Intermediate & Advanced SEO | | seoman100 -
Disavow straightaway? - Urgent
Is there any implication with disavowing straightaway from Google's perspective? I know good practice is to request removal from the web host, however I don't have the time to contact and process the requests. Any thoughts?
Intermediate & Advanced SEO | | seoman100 -
Looking for SEO Help- Magento Temporary Redirects
We recently launched a new site (www.CanyonOS.com) on Magento Enterprise. We have run several crawl tests with Moz and keep receiving 302 redirect errors. We've used the admin console for our site to apply 301 redirects in every area that we could but have had no success. (Last audit was completed on August 14) We are receiving 301 redirects on the following types of pages totaling 43k issues 😞 A majority of these issues are when adding and comparing products to the following types of urls. domain.com**/catalog/**product_compare/ domain.com**/wishlist/**index/add/product/ domain.com**/checkout/**cart/add/ Any suggestions from any SEO gurus? Best,
Intermediate & Advanced SEO | | CanyonOS0 -
Magento products and eBay - duplicate content risk?
Hi, We are selling about 1000 sticker products in our online store and would like to expand a large part of our products lineup to eBay as well. There are pretty good modules for this as I've heard. I'm just wondering if there will be duplicate content problems if I sync the products between Magento and eBay and they get uploaded to eBay with identical titles, descriptions and images? What's the workaround in this case? Thanks!
Intermediate & Advanced SEO | | speedbird12290 -
Magento E-Commerce Crawl Issues
Hi Guys, First post here! I am responsible for a Magento e-commerce store and there are a few crawl issues and potential solutions that I am working and would like to get some advice to see if you agree with my approach. Old Product Pages - The majority of our stock is seasonal, therefore when a product sells out, it is not usually going to come back into stock. However the approach for Magento websites is to leave the page present but take the product off the category pages, so users can still find these pages from the search engines and they are orphaned pages as not linked to from elsewhere and not totally clear products are out of stock (just doesn't show the size pulldown or 'Add to Basket' button). There is no process in place to 301 redirect these pages either. My solution to this problem is to: 1. Change design of these pages so a clear message is shown to users that the product is out of stock and suggest related products to reduce bounce rates. I was also planning on having a link from an 'Out of Stock' page on the site to these products so they are orphaned but is this required do you think? 2. When I know for sure (e.g. over a month) that the product will not be returned (e.g. refund) by the user, then 301 redirect the product pages back to category page. How do other users 301 redirect their pages in Magento, I would like an easy to use system. Crawl Errors Identified in Google Webmaster Tools It seems in the last 2 weeks there has been a sharp increase in the number of soft 404 pages identified on the website. When I inspect these pages they seem to be categories and sub categories that no longer have any products in them. However, I don't want to delete these pages as new products might come in and go onto these category pages, therefore how should I approach this? A suggestion I have thought of is to put related products on to these pages? Any better ideas? Thanks, Graeme
Intermediate & Advanced SEO | | graeme19940 -
Changing domain for a magento store
Hi all, wondering if i could gather some views on the best approach for this please... We currently have a magento site up with about 150,000 pages (although only 9k indexed in Google as product pages are set to no index by default until the default manufacturer description has been rewritten). The indexed pages are mainly category pages, filtering options and a few search results. While none of the internal pages have massive DA - seem to average about 18-24 which isn't too bad for internal pages, I guess - I would like to transfer as much of this over to the new domain. My question is, is it really feasible to have an htaccess with about 10,000 301 redirects on the current domain? The server is pretty powerful so could probably serve the file without issue but would Google be happy with that? Would it be better to use the change url option in WMT instead. Ive never used that so not sure how that would work in this cause. Would it redirect users too? As a footnote, the site is changing because of branding reasons and not because of a penalty of the site. Thanks, Carl
Intermediate & Advanced SEO | | daedriccarl0