Are these Magento security concerns urgent?
-
Hey Mozzers!
I recently started working with a new Magento programmer for our ecommerce site. He sent me this scan/report outlining some security issues that need to be addressed.
This is a new partnership so I'm not sure which issues should be a major concern, or if I should not focus on them. Would you be able to give me your opinion on the importance of the security issues?
https://www.magereport.com/scan/?s=http://metallumcreations.com/
-
Hi localwork!
If Ryan answered your question, would you mind marking his response as a "Good Answer?" It'll get him some bonus MozPoints, and it helps us keep track of things.
-
Thanks for the response Ryan!
Clients are always showing me the spam emails they receive with immediate 'warnings about site security'. Since this is a new partnership with this particular programmer, I couldn't discern whether the issues were important/critical or junk.
Thanks again!
-
It's a best practice to make sure your whatever software your site is using is patched and up to the latest addition. A high risk warning from that page, "Patch SUPEE-6285 fixes a leak where hackers can take over customer's sessions and download lists of your shop's order details through the RSS feature. Released July 7th, 2015." Would certainly be worth fixing.
From an search perspective, Google has stated that security is a ranking signal: https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google.
Beyond our own stuff, we’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure. For instance, we have created resources to help webmasters prevent and fix security breaches on their sites.
We want to go even further. At Google I/O a few months ago, we called for “HTTPS everywhere” on the web.
So making sure your site is secure can have multiple benefits.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Ranking with subdomain - Urgent
Does anyone have any experience if it is possible to get a website ranking on a subdomain? I'm trying out a business idea and need to keep costs to an absolute minimum. I have a site which I designed in wix.com they give a free subdomain and I want to know if there's any chance of getting it to rank Thanks
Intermediate & Advanced SEO | | seoman100 -
Problems in indexing a website built with Magento
Hi all My name is Riccardo and i work for a web marketing agency. Recently we're having some problem in indexing this website www.farmaermann.it which is based on Magento. In particular considering google web master tools the website sitemap is ok (without any error) and correctly uploaded. However only 72 of 1.772 URL have been indexed; we sent the sitemap on google webmaster tools 8 days ago. We checked the structure of the robots.txt consulting several Magento guides and it looks well structured also.
Intermediate & Advanced SEO | | advmedialab
In addition to this we noticed that some pages in google researches have different titles and they do not match the page title defined in Magento backend. To conclude we can not understand if this indexing problems are related to the website sitemap, robots.txt or something else.
Has anybody had the same kind of problems? Thank you all for your time and consideration Riccardo0 -
SEO Concerns From Moving Mobile M Dot site to Responsive Version?
I currently have my mobile site set up as a m dot site. I have designed a new responsive/adaptive version of my desktop site I would like to start using. When I search from google on mobile, my website is indexed as the m dot site. When I make the switch, this will no longer be the case as I will only have one url for both mobile and desktop. The m dot url's will no longer work. Are there any SEO consequences from making this shift?
Intermediate & Advanced SEO | | mikeylong70 -
New website strategy concerning Google Spider
Hello, I have a question concerning a new website. What should I do, SEO wise? Should I place all my content on my pages at once? And thus let the spider crawl everything at once? Or should I place my content in different phases? So the spider could crawl my pages multiple times in some days/weeks time? Or do both ways come to the same result? Thank you,
Intermediate & Advanced SEO | | MarikeP0 -
Whats the best way to remove search indexed pages on magento?
A new client ( aqmp.com.br/ )call me yestarday and she told me since they moved on magento they droped down more than US$ 20.000 in sales revenue ( monthly)... I´ve just checked the webmaster tool and I´ve just discovered the number of crawled pages went from 3.260 to 75.000 since magento started... magento is creating lots of pages with queries like search and filters. Example: http://aqmp.com.br/acessorios/lencos.html http://aqmp.com.br/acessorios/lencos.html?mode=grid http://aqmp.com.br/acessorios/lencos.html?dir=desc&order=name Add a instruction on robots.txt is the best way to remove unnecessary pages of the search engine?
Intermediate & Advanced SEO | | SeoMartin10 -
Does Having 3 Websites On Magento Affect Domain Authority?
We have a client who has 3 separate websites targeting the US, Australia, and the UK. Each of them has relevant ccTLD's such as: .com .com.au and .co.uk. Our client wants to use the Magento multi-site function so it combines all the stores (which are the exact same products) and merge it into one through Magento. Will this affect his Domain Authority? Or would they be treated as individual when receiving link value, trust, authority? There doesn't seem a lot information out there about this can anyone help? Thanks, Matt
Intermediate & Advanced SEO | | HigherthanSEO0 -
Temporary Redirects on Magento
I've recently taken over a client who uses the Magento platform and there was definitely a duplicate issue with his homepage. It redirected www to non www, however the canonical tag was setup wrong and pointing to the www version. When I looked at OSE for both versions the non www has only 7 linking domains and a page authority of 32. The www version has 24 linking domains and page authority of 39. As the domain is fairly new, I decided to redirect the non www to www and keep the canonical the same. (I changed the internal linking structure etc). When I run both URLs through this tool: http://www.ragepank.com/redirect-... it's returning a whole bunch of 302, rather than 301 redirects. What's the deal with that? Is that a Magento setting that I can fix or something a little harder? I'm not sure if it's proper etiquette to post the URL of a client, so if that would help and is OK, please let me know. Thanks
Intermediate & Advanced SEO | | bradkrussell1 -
Sitemap or Sitemaps for Magento and Wordpress?
I'm trying to figure out what to do with our sitemap situation. We have a magento install for our shopping cart
Intermediate & Advanced SEO | | chrishansen
sdhydroponics.com
and a wordpress install on
sdhydroponics.com/resources In Magento we get the XML sitemap manually by going to Catalog => Google Sitemap => Add Sitemap In wordpress we use Google XML sitemaps plugin. My questions are: Do I need both of these sitemaps? Or can I use one or the other? If I use both, do I make one sitemap1.xml and the other sitemap2.xml and drop them in the root? How do I make sure google knows I have 2 sitemaps? Anything else I should know? Thank You0