Unpathed Critical Vulnerability in Magento

Posted on May 25, 2017 by Yury Sergeev


Unpathed Critical Vulnerability in Magento

Popular CMS are always under attack. To keep your online business secure, you should always be aware of high-risk web vulnerabilities. Today, it is crucial to know how to mitigate the vulnerabilities which may harm the income.


Tags: security e-commerce magento


Securing Websites with Threat Intelligence API

Posted on January 04, 2017 by Yury Sergeev


Securing Websites with Threat Intelligence API

Many researchers have been monitoring malicious activities of cyber criminals who compromised vulnerable e-commerce websites in an effort to steal payment card information provided by their customers. Those hackers often injected a keylogger code function directly into the sites. It was the Javascript, PHP or another language keylogger which installed as a part of the websites and captured payment information entered by users. For examples, Magento Commerce and OpenCart platforms were impacted in 2016.


Tags: Threat Intelligence IP reputation machine learning security e-commerce


8 reasons why your site can be hacked

Posted on October 18, 2016 by Nikolay Arefiev


8 reasons why your site can be hacked

When you use the Internet for your business, you are confronted with a task of protecting your Internet resource. Some small Internet-based companies believe that if they don’t store the customer payment information at their web resource, no hacker attack can significantly harm their business. However, nowadays there are exist attacks that indirectly influence all participating parties, even though your resource may not have been the target of the attack.


Tags: signatures IP reputation machine learning log analysis anomalies security


How to hide sensitive POST data in NGINX log

Posted on September 18, 2016 by Yury Sergeev


How to hide sensitive POST data in NGINX log

NGINX is an extremely popular web server that can handle high volumes of web traffic. Each client connection might be logged and you can control which information to store. Sometimes, it is essential not only to save remote IP address, user agent or status but also store a body of requests, especially POST requests. For instance, POST data can be really useful to be analysed if you want to ensure that your server is secured enough because the most of the attacks are sent by this type of HTTP requests. However, some POST headers may contain sensitive data such as passwords and therefore it is essential to have a making method.


Tags: nginx logging masking POST


Effortless Log File Analysis for Technical SEO

Posted on August 14, 2016 by Nikolay Arefiev


Effortless Log File Analysis for Technical SEO

The task of website analysis for promotion in different search engines is usually solved by the means of various online services and software products. It is better to use a mashup approach, when you get all results of the web server log analysis on the same platform, thus eliminating the need to buy a set of various software products or pay for multiple online services.


Tags: seo referer log analysis