Magento security is a topic of enormous importance for every Magento shop owner. Google blacklists around 20,000+ websites every day for malware and around 75,000 for phishing every week.
All Magento shops are attractive targets to hackers because of sensitive data like personal addresses or payment information that is required to complete a sale.
Even if the Magento shop does not directly process credit card data, a compromised shop might reroute customers to another website or alter an order before it is transmitted to the payment processor.
In this blog post, we will explain what a web application firewall is, how MGT WAF is working, and how does it protect your Magento shop against all of these attacks.
What is a Web Application Firewall (WAF)?
A Web Application Firewall is an essential security product that protects web applications from attacks and filters malicious traffic before it reaches your server.
A Web Application Firewall protects you against known threats such as SQL Injection (SQi), Cross-Site-Scripting (XSS), DDoS Attacks, Cross-Site request forgery (CSRF), file inclusion, clickjacking and many more.
What is MGT WAF?
MGT WAF is a managed Web Application Firewall on top of the AWS WAF that protects
your Magento shop against common web exploits that may affect availability, compromise security, or consume excessive resources.
For Magento 2 we have developed a module that our customers can block countries, IPs, and Bots on his own. Furthermore, the rate limit for blocking IPs automatically can be adjusted.
Benefits of MGT WAF
- Denial-of-Service Attack Mitigation: Mitigation against DDoS attacks to prevent downtime
SQL-Injection Protection: SQL-Injections on headers, query parameters, inputs
and body data are filtered
- Cross-Site Scripting Protection: Prevents attacks against Cross-Site Scripting (XSS)
- Linux Attacks: Request patterns are blocked associated with exploitation of vulnerabilities specific to Linux, including LFI attack
- Rate-Limit: Protection against HTTP Flood which may affect the performance and availability of your shop
- Full Visibility: Real-time metrics are provided with information about IP addresses, geo location, URIs, user agent and referrers
- Country Blocking: Block traffic from unwanted countries
- Bot and IP Blocking: Bad bots, crawlers and IPs can be blocked to deny access
- Auto updates: Updates against new maliciou attacks are automatically applied
- Magento Backend IP Restriction: Magento backend can be restricted by allowing a set of IPs to enter
- Fully Supported: MGT WAF is fully managed and supported by our team
Visibility in Real Time
Real-time metrics and captures raw requests that include details about IP addresses,
geo-locations, URIs, User-Agent and Referers are displayed in real-time.
Magento 2 Module
We have developed a module for Magento 2 where our customers can block IPs, countries, bots, and configure the rate limit to prevent HTTP flood attacks that may affect availability and performance.
- IP Blocking: IPv4 and IPv6 IP addresses can be blocked
- Country and Bot Blocking: Traffic from unwanted countries and bots can be blocked
- Rate-Limit: IPs are automatically blocked after hitting the limit
- Rate Limit Whitelist: Whitelist IPs which should not be blocked, e.g. your office IPs
- Magento Backend IP Restriction: Whitelist IPs which should have access to your Magento backend
MGT WAF is available for Magento 2 and Magento 1. The official support for Magento 1 ends in June 2020.
At this point, no security patches are provided anymore by Magento.
Running a Magento 1 shop without a security service in front after June 2020 is very dangerous and could be a very attractive target for a hacker.