Security Action Plan
DIAGNOSE. Run a scan to establish the security status of your Magento store. MageReport.com is a highly regarded service that is available at no charge to members of the Magento community.
- Check the /media folder for leftover executable code.
- Remove all unknown AdminThe password-protected back office of your store where orders, catalog, content, and configurations are managed. users and reset all Admin passwords.
PROTECT. Keep your Magento installation up-to-date with the most current release. If using an older version, apply all security patches as they become available.
REPORT. If you think that you have found a specific vulnerability in Magento, send a description of the problem with technical details to firstname.lastname@example.org.
UPGRADE. For additional peace of mind that comes from 24/7 support, plan your upgrade now to Magento Commerce Cloud.