(888) 554-9990

Get Better Hosting
 

Guest Post: Jeff Finkelstein of Customer Paradigm: Don’t lock your door and leave the window open

A guest post on security from Customer Paradigm

At eBoundHost, we work with a variety of developers, designers, and security consultants to help our customers make the most of their web presences beyond the server environment.  Jeff Finkelstein of Customer Paradigm is a top Magento and WordPress developer that has helped countless clients secure their sites.  He has some pointed about the importance of patching your e commerce software.


If you run a Magento site, you probably take credit cards for payment.  It’s no secret that hackers want to steal your customers’ credit card  information, so that they make fraudulent purchases or sell the credit card numbers online.

Most eCommerce platforms  like Magento don’t actually store and save credit card information. When the user is in the cart, entering their credit card information, the credit card data is not stored on the server.  Rather, it’s encrypted and securely sent to the credit card company.

If the credit card number, expiration date, security code, name on the card, billing address on file and a few other data points are accepted (i.e. the person is not over their spending limit for the amount you’re trying to charge), then the credit card company will send back an authorization code, letting you know the credit card was accepted for the purchase amount.

That’s how it’s supposed to work. But, if someone was able to get into the code of your site, then  they can inject a little bit of code that watches and records the credit card information, then sends it off to a nefarious person.

Usually the attack is not against the core code of the eCommerce site, but a security loophole somewhere else.

Sometimes attackers are able to gain entry to a site because there is a security vulnerability that should have been patched, but hasn’t;  an insecure plugin, an out-of-date extension, or a misconfigured setting that isn’t even connected to your eCommerce site.  The main components of your eCommerce site might be very secure.  But if another portion of your site is not, it’s like leaving the side window of your house wide open and leaving on vacation.  Sure, the front door is locked, but there’s another, very easy way into the house.

If your eCommerce software developer (Magento, WooCommerce, etc.) releases a patch, it’s extremely important to install it.  Because when a security patch is sent out, the first thing hackers do is reverse engineer it to see how a site could be vulnerable if that patch isn’t applied.

If you patch your site, you’ll be in better shape.  If you don’t, the security patch is now an evildoer’s how-to guide for attacking your site.  This means failing to patch your site in a timely fashion is doubly dangerous.  Once the patch is released, unpatched sites are at even higher risk of being compromised.

We recommend using a version control system such as  git or subversion on your server, so that you can easily see if any key files have been changed.  You can also use it to run an automated scan for new, changed or removed files – key warning signs that someone has been tampering with your site.  

For example, on a Magento site, I know that if the CC.php file in the core code has been changed, the site is likely to have been attacked – this is one of many points to check for possible problems.

Bottom line: keep up to date with patches, and use a version control system to let you know if anything new has been added to the site.

I hope this helps!  My team is here to secure your site ahead of the upcoming holiday – you can call me at 303.473.4400 or visit http://www.CustomerParadigm.com/Magento for more information.




Read This Next:




1) Their technical support people are always available to help with questions. 2)Server and network speed excellent. 3)Everything works great. 4)I highly recommend them!!!Thank you.

Jindrich Radic

There is not a place on this Planet that you can get better service, support or hosting!

Pat

Every time I have contacted my host provider. They have responded with speed, courtesy and accuracy they are professional and a joy to work with.

P. LaGambina

Cost, technical support and promptness of return calls are of paramount importance to me since most of my work is done on the road and waiting for a reply is frustrating. eBoundHost has been a pleasure to work with friendly, courteous and professional.

Steve Berry

I have worked with many hosting companies over the course of my years in the website building and design business. I can say with certainty that eBoundHost.com is among the elite companies. I would and have recommended them to anyone.

Jim Nickerson

eBoundHost.com has been a dream to work with. My questions are answered in minutes, the price is very reasonable, the interface is great, I am very happy with how smooth everything works.

Paul

Every time I call with a problem or question, Everyone, especially Denis has always stepped up to the occasion. As usual he solved yet another problem I had. You have a superlative customer service. It doesn't get any better. Keep it up guys.

Jason M

EXCELLENT across the board, super quick reply to questions (about 15-30min). Outstanding! Loads of features, excellent price! Loads of space and bandwidth!

Beau B.

eBoundHost.com has the best customer service in ANY industry. Their support staff answers phone calls and emails immediately and they have time and time again gone over and above their responsibilities to make sure I am taken care of and that my clients are happy. I have many websites hosted here from small business to corporate level and have dealt with many hosting companies in the industry and eBoundHost.com is by far the BEST hosting provider there is. Great prices, great service, great hosting packages, and a killer reseller program! THANK YOU AGAIN :)

Shannon

Excellent response to questions and issues. Fabulous uptimes. Personable tech support.

Lisa Cowan

Reliability and customer service that is rare and refreshing. We have been using eBoundHost for several years and unlike many companies who's service wanes over the years, the staff at eBound has consistently delivered top notch performance. Bravo!

Don Bailey

I came to eBoundHost after a very bad experience with a so called "big boy" - you know one of those places you are only a number. I have been a satisfied customer for more than 4 years now. The support is second to none.

Gary Hutchison

From using your hosting services for dozens of web clients and appreciating your wonderful customer service (all the while enjoying spending my meaty affiliate checks), I look forward to growing with you and watching you evolve surely and steadily into a powerhouse of a force to be reckoned with for your competitors. In an overcrowded abyss of hosting providers it is an absolute MUST to stand out above the crowd if you want to claim your stake and play with the big boys. Period. All I can say is this...Look Out World - GAME ON!!!

S. Gino

I'm Stan Bogdashin, a customer of your hosting company for the past 2 years. Our company provides web design, development and Search Engine Optimization (SEO) services. Want to thank you for helping us by providing great hosting seamless support - this is why I continue to recommend you and don't use anyone else for hosting!

Stan Bogdashin

eBoundHost is the best. I have dealt with many hosting providers over the last 10 years. eBoundHost surpasses them all. Absolutely the highest level of quality service anywhere. Do yourself a big favor and sign on with eBoundHost.

Dave "Infodave" Beightol

GREAT customer service and tech support, with professional, yet personable service.

J. Bitner

I waited to write a review until I had absolutely everything working, thinking that something would come up that eboundhost couldn't solve almost immediately. I've never been so happy to be wrong - their customer support is just incredible.

Shannon I

No better web host on the market! Support is second to none.

Roger Hamilton

eBoundHost is really the best hosting service in today's marketplace. Fast and efficient customer service with excellent IT knowledge. Good price and many bundled extra options. Highly recommended!

Goran Paunovic
Artversion Creative Agency

I have been a customer since December of 2001, and the service has been nothing less than excellent. I would recommend eBoundHost highly.

Jason Maggard

Find the right cloud VPS Size for your website

Smaller websites with less traffic

Multiple websites or large traffic-intensive websites

 

1
CPUs
1.5
GB RAM
50
GB Storage
2
TB Transfer

$25/month

Get Started

30 day money back

 

2
CPUs
3
GB RAM
100
GB Storage
3
TB Transfer

$40/month

Get Started

30 day money back

 

4
CPUs
5
GB RAM
200
GB Storage
5
TB Transfer

$50/month

Get Started

30 day money back

 

6
CPUs
7
GB RAM
450
GB Storage
7
TB Transfer

$65/month

Get Started

30 day money back

 

8
CPUs
9
GB RAM
600
GB Storage
10
TB Transfer

$99/month

Get Started

30 day money back

 

10
CPUs
10
GB RAM
1000
GB Storage
12
TB Transfer

$125/month

Get Started

30 day money back