As a Magento partner and an experienced Magento developer we understand how this platform migration from Magento 1 to Magento 2 can seem like a big undertaking for eCommerce sites. Having done several migrations it certainly doesn’t happen with a snap of your fingers. However, we’re sharing this article so business owners are aware of the vulnerability of their site when it stays on Magento 1.
Magento online stores hacked in largest campaign to date
Be Proactive
Although Magento 1 sites should have a plan for migrating to Magento 2 soon to prevent security breaches that will inevitably come from using an unsupported e-commerce framework, there is a way to prevent this specific hack from occurring.
Delete the downloader/ directory in your root Magento folder on the server.
That won’t fix a site once it’s hacked, but it deletes the vulnerable code and shouldn’t exist on a production site anyway. This is a tool used to aid with first time installation but you are supposed to remove it after the install is complete.
Tim Dolloff is EVP of client relations at Liventus. Connect with him on LinkedIn here.