With Magento being so popular, it is always under attack, the thing is are you all secured!
Only this week, did our monitoring systems pick up the fact that these hackers were looking for another route to hack into Magento websites. This time they were preying on the folk that have not changed their /admin URL to have something random at the end i.e. /admin_pr0d7sl&3! They are also trying to use the ‘downloader’ or ‘RSS’ feed route. Once they get there, they are then running through all the typical usernames and then attacking hard to find the right password! Once they get in, then they start trying to do things in your database of data, this is totally where we do not want them to be!
If you have not changed your admin URL, then get cracking now. If you are struggling to get that done, then at the very least, make sure you get rid of any users you do not need and change your password to something that is at least 8 characters in length, has a capital letter, a number and one of these £%&*)(!?@. You also need to get access blocked to downloader and the RSS feed!
Oh, if you are running a Magento 2 site, then the good news is that the admin URL will already be random! This is an out of the box feature.
Don’t procrastinate or you will regret it!
You can always give us a shout if you need some help!
