Are these Magento security concerns urgent?
-
Hey Mozzers!
I recently started working with a new Magento programmer for our ecommerce site. He sent me this scan/report outlining some security issues that need to be addressed.
This is a new partnership so I'm not sure which issues should be a major concern, or if I should not focus on them. Would you be able to give me your opinion on the importance of the security issues?
https://www.magereport.com/scan/?s=http://metallumcreations.com/
-
Hi localwork!
If Ryan answered your question, would you mind marking his response as a "Good Answer?" It'll get him some bonus MozPoints, and it helps us keep track of things.
-
Thanks for the response Ryan!
Clients are always showing me the spam emails they receive with immediate 'warnings about site security'. Since this is a new partnership with this particular programmer, I couldn't discern whether the issues were important/critical or junk.
Thanks again!
-
It's a best practice to make sure your whatever software your site is using is patched and up to the latest addition. A high risk warning from that page, "Patch SUPEE-6285 fixes a leak where hackers can take over customer's sessions and download lists of your shop's order details through the RSS feature. Released July 7th, 2015." Would certainly be worth fixing.
From an search perspective, Google has stated that security is a ranking signal: https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google.
Beyond our own stuff, we’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure. For instance, we have created resources to help webmasters prevent and fix security breaches on their sites.
We want to go even further. At Google I/O a few months ago, we called for “HTTPS everywhere” on the web.
So making sure your site is secure can have multiple benefits.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Directory concerns - am I right to request nofollow?
A client had taken a free trial on a directory - a niche directory which only takes food related websites. They mentioned, in passing, that the directory listing was replicated across 90 food-relevant "partner" sites [alarm bells!] - some of which use nofollow - some which don't, apparently. The main directory doesn't use nofollow and offers a mix of monthly-fee based listings or free listings. I've demanded a nofollow backlink from the main site and partner sites, or no backlink... what are your thoughts?
Intermediate & Advanced SEO | | McTaggart0 -
Should You Use 301 Redirects When Switching To A Secure SSL Server?
Hi, our client has switched from a non-secure server to a secure (SSL) server.. but the non secure pages still exist, i.e. http://www.stainlesshandrailsystems.co.uk/balustrade-systems.html (non-secure)
Intermediate & Advanced SEO | | Webpresence
https://www.stainlesshandrailsystems.co.uk/balustrade-systems.html (secure) We assumed that we should 301 redirect the http pages to the new https pages using the following htaccess rule; RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R,L] HOWEVER! both of the above pages show the same Page Authority (PA) and Pagerank (PR).. does this mean that they are being seen as the same page, do we really need to employ 301 redirects? Many thanks in advance, much appreciated. 🙂 Lee1 -
Rotating Content Concern on Deep Pages
Hi there, I apologize if I'm too vague, but this is a tough issue describe without divulging too much of our project. I'm working on a new project which will provide information results in sets of 3. Let's say someone wants to find 3 books that match their criteria, either through their organic search which leads them to us, or through their internal search on our site. For instance, if they're looking for classic movies involving monsters, we might display Frankenstein, Dracula, and The Mummy. We'd list unique descriptions about the movies and include lots of other useful information. However, there are obviously many more monster movies than those 3, so when a user refreshes the page or accesses it again, a different set of results show up. For this example, assume we have 5 results to choose from. So it's likely Google will index different results shuffled around. I'm worried about this causing problems down the line with ranking. The meat and potatoes of the page content are the descriptions and information on the movies. If these are constantly changing, I'm afraid the page will look "unstable" to Google since we have no real static content beyond a header and title tag. Can anyone offer any insight to this? Thanks!
Intermediate & Advanced SEO | | kirmeliux0 -
New website strategy concerning Google Spider
Hello, I have a question concerning a new website. What should I do, SEO wise? Should I place all my content on my pages at once? And thus let the spider crawl everything at once? Or should I place my content in different phases? So the spider could crawl my pages multiple times in some days/weeks time? Or do both ways come to the same result? Thank you,
Intermediate & Advanced SEO | | MarikeP0 -
SEO issues with Magento
Hi Everyone, We use Magento CMS for our site and we are having a frustrating time resolving our SEO issues. The site was very poorly managed in years past and in the past year I have redesigned and cleaned up many things. However we are recently having trouble with indexing and keyword ranking. Issue #1: Our main keyword ranking has dropped quite a bit while our other less important keywords have steadily risen. I suspect a very strict robots.txt implemented back in early January may have been the culprit. We have since been modifying it with out much luck. Many of our pages are still blocked. 12/05/12 : ranked 12th 1/09/13: ranked 19th 1/16/13: ranked 35th Now: out of top 50 (52nd) Issue #2: Not a single image is being indexed. We are 0 for 582 according to Webmaster tools. Not sure why... Any help and advice would be greatly appreciated as I have great determination and interest in learning the correct way to fix/do this. Site: www.scojo.com Thanks
Intermediate & Advanced SEO | | t_parrish0 -
URGENT - How to Present New Site Architecture to Development team for implementation
Guys I am not technically savvy. I just want to know how to present the website architecture I want to be implemented on my website... how do I present my suggestions to the development team. For example.... Should I say. Page Level 1 - HOME Page (URL) Page Level 2 - About Us Page Page Level 2 - Feedback Page Page Level 2 - Our Services Page Level 2 - Contact Us Page Page Level 2 - Accounting jobs Page Level 3 - Audting jobs Page level 3 - Junior accouting jobs Page Level 2 - Engineering jobs Page level 3 - architecture jobs Page level 3 - Motor engineering jobs Page Level 2 - IT Jobs Page level 3 - Hardware Jobs Page level 4 - Job Post 1 Page level 4 - Job Post 2 Page level 4 - Job Post 3 Please guide me my fellow MOZZERS.... I really need an answer/guidance at the very earliest. Iwill be truly obliged Regards, Talha
Intermediate & Advanced SEO | | MTalhaImtiaz0 -
Concerns about duplicate content issues with australian and us version of website
My company has an ecommerce website that's been online for about 5 years. The url is www.betterbraces.com. We're getting ready to launch an australian version of the website and the url will be www.betterbraces.com.au. The australian website will have the same look as the US website and will contain about 200 of the same products that are featured on the US website. The only major difference between the two websites is the price that is charged for the products. The australian website will be hosted on the same server as the US website. To ensure Australians don't purchase from the US site we are going to have a geo redirect in place that sends anyone with a AU ip address to the australian website. I am concerned that the australian website is going to have duplicate content issues. However, I'm not sure if the fact that the domains are so similar coupled with the redirect will help the search engines understand that these sites are related. I would appreciate any recommendations on how to handle this situation to ensure oue rankings in the search engines aren't penalized. Thanks in advance for your help. Alison French
Intermediate & Advanced SEO | | djo-2836690 -
Does Google Use Security Seals As A Trust/Ranking Signal
There are quite a few secuirty seals/site safety tools by some big antivirus/trust companies Mcaffe site secuirty, verisign etc. Does Google, or any other big search engines use these as a trust/ranking signal?
Intermediate & Advanced SEO | | rhysmaster0