Are these Magento security concerns urgent?
-
Hey Mozzers!
I recently started working with a new Magento programmer for our ecommerce site. He sent me this scan/report outlining some security issues that need to be addressed.
This is a new partnership so I'm not sure which issues should be a major concern, or if I should not focus on them. Would you be able to give me your opinion on the importance of the security issues?
https://www.magereport.com/scan/?s=http://metallumcreations.com/
-
Hi localwork!
If Ryan answered your question, would you mind marking his response as a "Good Answer?" It'll get him some bonus MozPoints, and it helps us keep track of things.
-
Thanks for the response Ryan!
Clients are always showing me the spam emails they receive with immediate 'warnings about site security'. Since this is a new partnership with this particular programmer, I couldn't discern whether the issues were important/critical or junk.
Thanks again!
-
It's a best practice to make sure your whatever software your site is using is patched and up to the latest addition. A high risk warning from that page, "Patch SUPEE-6285 fixes a leak where hackers can take over customer's sessions and download lists of your shop's order details through the RSS feature. Released July 7th, 2015." Would certainly be worth fixing.
From an search perspective, Google has stated that security is a ranking signal: https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google.
Beyond our own stuff, we’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure. For instance, we have created resources to help webmasters prevent and fix security breaches on their sites.
We want to go even further. At Google I/O a few months ago, we called for “HTTPS everywhere” on the web.
So making sure your site is secure can have multiple benefits.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
SEO rank down after Magento migration
Since November we migrated our shop from Magento 1 to 2 and our organic traffic has dropped by 50%. We still haven't figured out the cause (or a solution). Are there more Magento users who have the same issue? Charlotte (www.dochorse.nl)
Intermediate & Advanced SEO | | DocHorse0 -
(Urgent) losing traffic after 301 redirect
We face a seo problem of losing traffic after 301 redirect.We have used 301 redirect from a sub-domain url to main domain, after a few month, we discovered that the traffic in google is dropped 40% as well as yahoo dropped 50% without reason, we have updated sitemap already, but we cannot find any reason for the traffic dropped till now..The original url (more then 5000 links)https://app.example.com/ebook Redirected Urlhttps://www.example.com/ebookThank you for your help!
Intermediate & Advanced SEO | | yukung0 -
Combining two existing sites into a single magento install
Hi, We run an online beauty ecommerce store and recently acquired one of our competitors. Their site runs on magento also, and they sell 70% the same product as us. We plan to merge the new site into our existing magento install but keep both sites looking exactly as they do now with different themes, different product names, product descriptions, product prices, category structures etc. In theory the customer would have no idea both sites from the same magento, they will look just as they do now. My question is, will google possibly slap the SERP's of either sites because we have combined them onto the same server and same magento install, even though nothing on either site actually changed on the front end. Both sites already have the same ownership information on the domain WHOIS, and a quick company search would reveal that we legally own both businesses under the same company. So it's not something we are trying to hide, we are open about it, and plan to continue running both sites long term, with each site being targeted to a slightly difference audience, with 30% different products at different price points. Has anyone done this before? Was there any SEO risks or SERP drops? Would love some advice on this matter before we make the move, the possible blow back is way too massive to do it without firm advice saying the risk is very low. Brad.
Intermediate & Advanced SEO | | rec1230 -
Directory concerns - am I right to request nofollow?
A client had taken a free trial on a directory - a niche directory which only takes food related websites. They mentioned, in passing, that the directory listing was replicated across 90 food-relevant "partner" sites [alarm bells!] - some of which use nofollow - some which don't, apparently. The main directory doesn't use nofollow and offers a mix of monthly-fee based listings or free listings. I've demanded a nofollow backlink from the main site and partner sites, or no backlink... what are your thoughts?
Intermediate & Advanced SEO | | McTaggart0 -
Best practices on setting up multi country Magento store
We run Magento and we're in the process of redesigning our site. We want the site to have separate storefronts for different countries, however we won't have the site language translated initially. We're thinking we'll use the Magento multi-store feature and have sites like /fr, /de /en-us, /en-au, etc. Is the best practice to use hreflang and for the non-english stores which haven't yet been translated? For example set them as, for French users: Essentially saying, the page is aimed at French people, but is in English. The separate storefronts will have things like currency and tax localised to each country and will gradually be getting translated, especially the more generic stuff like "Add to Cart", "Checkout" etc. Or, should it be targeted at French language and country, despite not all being translated into French? Or is there a better way to do this?
Intermediate & Advanced SEO | | seanmccauley0 -
Indexing falling/search queries the same - concerned
Hello, I posted abou this a few days ago but didn't really get anywhere and now have new information after looking into it more. This is my site - http://www.whosjack.org My page indexing has been falling steadily daily currently from thousands of pages indexed to just a couple of hundred. My search queries don't seem to be currently affected, I have done crawl tests to see if the site can be crawled and put the site:whosjack.org into Google and had 12,000 results come back when goole has said it has indexed 133 and falling. However all pages indexed on the site:whosjack.org search seem to be stories with just two words in the title? I am sure I am missing out on traffic here but can't work out what the issue is and how to fix it. I have no alerts on my dashboard and when I submit sitemaps to webmaster tools I get 15,115 URLs submitted 12,088 URLs indexedwhich cant be bad?Any help/suggestions really appreciated.
Intermediate & Advanced SEO | | luwhosjack0 -
Whats the best way to remove search indexed pages on magento?
A new client ( aqmp.com.br/ )call me yestarday and she told me since they moved on magento they droped down more than US$ 20.000 in sales revenue ( monthly)... I´ve just checked the webmaster tool and I´ve just discovered the number of crawled pages went from 3.260 to 75.000 since magento started... magento is creating lots of pages with queries like search and filters. Example: http://aqmp.com.br/acessorios/lencos.html http://aqmp.com.br/acessorios/lencos.html?mode=grid http://aqmp.com.br/acessorios/lencos.html?dir=desc&order=name Add a instruction on robots.txt is the best way to remove unnecessary pages of the search engine?
Intermediate & Advanced SEO | | SeoMartin10 -
Suggest some bes seo extensions for magento
hii i am new to eCommerce . i am planning launch my shopping website that sells multiple products like amazon in magneto . can any one please suggest me some best and necessary magneto extension for seo and extensions that help increases the sales . 2)best seo tactics that need to be followed for muti product ecommerce site seo please specify the keyword for the seo methods i will research about them like .product level leverage
Intermediate & Advanced SEO | | prakash.moturu0