Scan your Magento shop for known security vulnerabilities

" is a great community resource which lets clients run tests on their website and gives an instant overview of which patches have not been applied or where there is uncertainty."
- John Steer, Chief of Information Security, Magento


MageReport is brought to you by Hypernode

The advanced Magento hosting platform by Byte

Shops scanned so far:



This free service gives you a quick insight in the security status of your Magento shop(s) and how to fix possible vulnerabilities. is made by the Magento hosting specialists of Dutch provider Byte. We protect performance and security of several thousand Magento shops. checks your Magento shop for the following known security vulnerabilities:

  • Amasty Product Feed vulnerability
  • Exposed API
  • Credit Card Hijack
  • Ransomware
  • Cacheleak vulnerability
  • Webforms vulnerability
  • GuruInc Javascript Hack
  • Outdated Magento version
  • Unprotected development files
  • Default /admin location
  • Unprotected Magmi
  • Unprotected version control
  • Outdated server software
  • Security patch 5994 (admin disclosure)
  • Security patch 5344 (Shoplift)
  • Security patch 6285 (XSS, RSS)
  • Security patch 6482 (XSS)
  • Security patch 6788 (secrets leak)
  • Security patch 7405 (admin takeover)
  • Security patch 8788 (admin creation)
  • SSL Certificate check

A special thank you for the people who have helped us with code contributions and valuable feedback:

  • Ivan Chepurnyi
  • Anna Völkl
  • Steve Robbins
  • Peter O'Callaghan
  • Sander Mangel
  • Jeroen Vermeulen
Hypernode by Byte Magento