About the Visbot malware

What is the Visbot malware? Visbot is a particular type of malware that is found on hacked Magento stores. It intercepts POST requests to the server (so anything submitted by visitors, such as passwords and payment data), encrypts it and stores it into an hidden image file. This “image” is periodically retrieved by criminals and […]

Read more

Blocking user agents and or referrer sites

Blocking and allowing IP-addresses is done using the Nginx access module. The ngx_http_access_module module allows limiting access to certain client addresses. Before you start Be very carefully when blocking IP’s, user agents or referrers, as it is relatively easy to block more agents then you want.  When adding block entries, make sure to check your access […]

Read more

Creating your own backups with Tarsnap

Managing backups yourself If you choose to create your own backups, we recommend using Tarsnap as an offsite backup provider. This very robust third party backup service is well known for it’s excellent security and their low prices. Tarsnap encrypts your data and then stores it on Amazon S3 storage platform. S3 is extremely reliable, […]

Read more

Emails sent from a Hypernode are marked as spam

Sometimes email which is sent from a Hypernode is marked as spam by external spam filters. Follow this steps to be for sure the cause is not a misconfiguration. Troubleshooting mail from Hypernodes Check SPF records Check if the spf.appname.hypernode.io hostname is included in your SPF record (in the DNS zone-file). This hostname contains the […]

Read more

Fixing the Cart2Quote Remote Code Execution

We have noticed a number of our customers have installed Cart2Quote Quotation Manager, risking their webshop to being exploited by attackers. This article helps you to update the extension to fix this security issue. On our Hypernode platform we have blocked this remote code execution exploit by default. This will prevent attackers from executing unwanted […]

Read more

Fixing the Webforms Pro 2 vulnerability

Serious security issue Versions up to 2.7.6 of the popular Webforms Pro 2 module by Vladimir Popov are unsafe. Hackers can use it to upload malicious code and essentially take control of the shop. We see active abuse in the wild. Hackers have already automated the attack. Hypernode has implemented an emergency fix on July […]

Read more

How to apply Magento patches

This article explains how to apply a Magento patch to fix bugs and secure the safety of your webshop. Magento Enterprise Edition users can download patches via the Magento Support Portal via Magentocommerce.com. Different Magento patches Every once in a while Magento issues a new patch for Magento Community and Magento Enterprise to increase the […]

Read more

How to fix malicious JavaScript Credit card Hijack?

The hack Credit card Hijack is malicious code in Magento that allows hackers to intercept financial data, such as credit card credentials. This article further explains what this security breach means, what the consequences are and how you can fix it. We recommend checking your site with Magereport.com for other vulnerabilities. What is Credit card Hijack? […]

Read more

How to fix the GuruIncsite infection

This article explains what the GuruIncsite infection is, what the consequences are and how to fix it. What is the GuruIncsite infection? Hackers have infected several thousand Magento sites with malicious code. This code creates an iframe to guruincsite.com. Two kinds of modifications have been spotted in the wild: obfuscated and non obfuscated. Sucuri (online security company) […]

Read more

How to install Magento patch SUPEE-6788

On the 27st of October 2015, Magento released SUPEE-6788. This patch fixes 10 different security issues, notably an SQL injection fix. With the release of patch SUPEE-6788 Magento also released a new Magento Community version: Magento Community Edition 1.9.2.2. This new version contains all latest Magento patches. Read more about updating Magento. What are the risks? […]

Read more