In this release we have deployed an addition to the default user-configurable NGINX configuration which will block vulnerability probes against Adminer. Adminer is a phpMyAdmin-like single-file PHP script that you can install in your shop as an easy web interface for MySQL. Yesterday, Hypernode co-founder and security researcher Willem de Groot discovered that an older version of this application is currently being abused in the wild to hack Magento shops.

We too have seen a platform-wide increase in probes against Adminer URLs, mostly originating from a small number of specific countries.

Because the frequency of probes is increasing, we will now block requests to Adminer URLs if they originate from certain countries. This not only makes shops that use Adminer more secure, but it also reduces the unnecessary load these probes put on the web server if Adminer isn’t used at all.

There are of course valid uses of Adminer, so if you are developing a shop from one of the countries that is now blocked by default and need access, you can edit the new NGINX rule in /data/web/nginx/server.protect_adminer to remove a country code from the list or to add your IP address as an exception.
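To show the shape of such a rule, here is an added illustration of a country-based block on Adminer URLs with an IP allowlist. It is not the actual contents of server.protect_adminer; it assumes ngx_http_geoip_module is loaded and provides $geoip_country_code, and the country codes and IP addresses are placeholders.

```nginx
# Added illustration, not Hypernode's own server.protect_adminer.
# Assumes ngx_http_geoip_module supplies $geoip_country_code.
# The map and geo blocks belong in the http context; the location
# block belongs in the server context.

# 1 = request originates from a country we do not expect Adminer traffic from.
map $geoip_country_code $adminer_blocked_country {
    default 0;
    XX 1;   # placeholder country code: delete a line here to unblock that country
    YY 1;   # placeholder country code
}

# 1 = client address is explicitly trusted (for example your office or VPN egress).
geo $adminer_trusted_ip {
    default 0;
    192.0.2.10 1;        # placeholder: add your own IP here as an exception
    198.51.100.0/24 1;   # placeholder range
}

# Deny only when the country is blocked AND the address is not on the allowlist.
map "$adminer_blocked_country:$adminer_trusted_ip" $adminer_deny {
    default 0;
    "1:0" 1;
}

# Match the usual Adminer file names anywhere under the document root.
location ~* /adminer[^/]*\.php$ {
    if ($adminer_deny) {
        return 403;
    }
    # the normal PHP handler for this location follows here
}
```

Requests that are denied show up in the access log as 403 responses for the Adminer path, which makes it easy to confirm the rule is active and to see which probes it is still letting through.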

Note that if you are running a vulnerable version of Adminer it is recommended that you upgrade, as this new configuration will block some probes, but not all.

Changes will be deployed over the course of the coming week.