magento spring clean - pushon
TRANSCRIPT
Security - Mage Level
● Checking log files for signs of brute force or suspicious IP addresses
● Check files for signs of backdoor signatures
● Check for signs of plain text payment/user CC details
● Patches
● Regular password changes
● Regular admin vetting
● Regular admin URL change
● Two-factor authentication
Security - Server Level
● Check for suspicious users and SSH keys
● Check last logged in users
● Patches
● Regular password changes
● Regular admin vetting
● Firewall rules
Security - Business/Client Layer
● Are staff taking their personal security seriously?
● Passwords in inboxes are a No! No!
● Same applies to other tools such as FTP clients
● Other in-house protocols
● Client protocols
Maintenance
● Filesystem housekeeping
● Security Patch review & Installations
● Review Magento users
● Server Review
● Magento security scan
● Website performance testing
Performance
● Mage Level - APM/Server monitoring
● Server Level - Load testing
● Server Level - Load History
● Server Level - Review of patterns of issues
● Ecosystem Layer - External API’s performing well?
● Ecosystem Layer - Is analytics set up correctly
Performance
● HTML/JS & CSS Validation
● JS Error console issues
● Traffic review
● Image optimisation
● File permissions/ownership
Contact
Liverpool OfficeSuite 4
Church House
1 Hanover Street
Liverpool
L1 3DN
Ollie Hunt
+44 (0) 7931 818383
@devteamuk