"MageReport.com is a great community resource which lets clients run tests on their website and gives an instant overview of which patches have not been applied or where there is uncertainty."
- John Steer, Chief of Information Security, Magento
About MageReport.com
This free service gives you a quick insight in the security status of your Magento shop(s) and how to fix possible vulnerabilities. MageReport.com is made by the Magento hosting specialists of Dutch provider Byte. We protect performance and security of several thousand Magento shops.
MageReport.com checks your Magento shop for the following known security vulnerabilities:
- Amasty Product Feed vulnerability
- Exposed API
- Credit Card Hijack
- Ransomware
- Cacheleak vulnerability
- Webforms vulnerability
- GuruInc Javascript Hack
- Outdated Magento version
- Unprotected development files
- Default /admin location
- Unprotected Magmi
- Unprotected version control
- Outdated server software
- Security patch 5994 (admin disclosure)
- Security patch 5344 (Shoplift)
- Security patch 6285 (XSS, RSS)
- Security patch 6482 (XSS)
- Security patch 6788 (secrets leak)
- Security patch 7405 (admin takeover)
- SSL Certificate check
A special thank you for the people who have helped us with code contributions and valuable feedback:
- Ivan Chepurnyi
- Anna Völkl
- Steve Robbins
- Peter O'Callaghan
- Sander Mangel
- Jeroen Vermeulen