Hacked Magento SiteThis Sucuri Webinar is led by Cesar Anjos, one of Sucuri Security’s Magento Analysts. Cesar provide a step by step guide to fixing a hacked Magento website. The Magento hacks can be hidden in a variety of places and might only be active when the store is visited in a particular way. These Magento hacks may be located in Magento files, extensions, themes, or the database.



The most common form of malware infection places an iframe or JavaScript code into the store’s pages. When the code inserts hidden spam links, these links may only be in the page if the request comes from a crawler for a search engine. When the code redirects a visitor or attempts to infect a visitor’s computer with malware, the attempt may only occur if a visitor comes to the store through Google or another search engine. When coming to the store directly, it will appear to be normal.

Here are some basic suggestions to small e-commerce sites:

Stay away from processing payment details on your site. If your site never has access to clients’ payment details, it can’t be used to steal them even if it is hacked. Just outsource payments to some trusted third-party service as PayPal, Stripe, Google Wallet, Authorize.net, etc.
Think security from the very beginning. You need to be proactive. If your site is hacked then you need to get help quickly. You can’t risk your customers’ money and your reputation.

Use best practices with your website security:
Use strong and unique passwords in every element of your site: hosting, CMS, payment services, etc.
Have some integrity control of files and the database. This will help you detect unauthorized modifications. Our WordPress security plugin offers integrity monitoring.

Don’t host your e-commerce site on the same hosting account with other sites. The better the isolation from the rest sites, the less chances one of the less secure neighbor sites will be the point of penetration for your important e-commerce site.

Use a website firewall — it will protect your sites from many web based attacks. Ideally, the firewall should be actively maintained and updated so that no new types of attacks could bypass it.

Monitor your website for security issues, both on the client-facing front-end, and the server-side back-end.