Gsyfuy

Website seeing my Facebook data?

Why maximum length of IP, TCP, UDP packet is not suit?

Saint abbreviation

When obtaining gender reassignment/plastic surgery overseas, is an emergency travel document required to return home?

Potential client has a problematic employee I can't work with

Calculate the true diameter of stars from photographic plate

Changing the laptop's CPU. Should I reinstall Linux?

How to not let the Identify spell spoil everything?

Sprint is 2 week and 40-stories

How do you funnel food off a cutting board?

Does the ditching switch allow an A320 to float indefinitely?

Existence of Riemann surface, holomorphic maps

I have trouble understanding this fallacy: "If A, then B. Therefore if not-B, then not-A."

What is a DAG (Graph Theory)?

What essential properties make us human?

In Linux what happens if 1000 files in a directory are moved to another location while another 300 files were added to the source directory?

How can the probability of a fumble decrease linearly with more dice?

Cat is tipping over bed-side lamps during the night

Plausible reason for gold-digging ant

Definition of "atomic object"

Count repetitions of an array

Nuance between philia and mania?

How do you voice extended chords?

Why does 0.-5 evaluate to -5?

how to prevent xss attacks and sql injection in magento 2

Magento hacked even after applied patchMagento getCollection , SQL injectionFacing virus attack in MagentoWhat is new in SUPEE 8788 v2?New Zend Framework 1 Security Vulnerability. I use Sendgrid, am I safe?Dependency Injection and constructor parametersHow to clean hacked site completelyHow to check if there are recently viewed productsHow to secure my website magento 2Need Help adding Magento2 Patch to IDE

0

I need to know if there are some configuration from Bo or some patch to prevent those type of attack please and thanks in advance

magento2 security

share|improve this question

asked 2 hours ago

Developper Magento Developper Magento

49810

add a comment | 

0

I need to know if there are some configuration from Bo or some patch to prevent those type of attack please and thanks in advance

magento2 security

share|improve this question

asked 2 hours ago

Developper Magento Developper Magento

49810

add a comment | 

I need to know if there are some configuration from Bo or some patch to prevent those type of attack please and thanks in advance

magento2 security

share|improve this question

asked 2 hours ago

Developper Magento Developper Magento

49810

share|improve this question

asked 2 hours ago

Developper Magento Developper Magento

49810

share|improve this question

asked 2 hours ago

Developper Magento Developper Magento

49810

asked 2 hours ago

Developper Magento Developper Magento

49810

asked 2 hours ago

Developper Magento Developper Magento

49810

1 Answer
1

active

oldest

votes

1

Prevent xss attacks and sql injection in magento 2

You have to implement below steps:

• Upgrade your Magento version to latest version


• Enabled /use Magento google Captcha extension.


• Audit your application files/folder permission and ownership.


• Audit 3rt party extension, if this extension has any security lick.


• One of most import integrates Web firewall like Sucuri and
  Cloudflare. Web firewall protected block bad and boot request.

share|improve this answer

edited 2 hours ago

answered 2 hours ago

Amit Bera♦Amit Bera

58.6k1475174

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  i use the 2.2.6 and what's the meaning of the last phrase is there something do i have to add as extension or what and really thanks for your replay
  
  – Developper Magento
  2 hours ago
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "479"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f263481%2fhow-to-prevent-xss-attacks-and-sql-injection-in-magento-2%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

1

Prevent xss attacks and sql injection in magento 2

You have to implement below steps:

• Upgrade your Magento version to latest version


• Enabled /use Magento google Captcha extension.


• Audit your application files/folder permission and ownership.


• Audit 3rt party extension, if this extension has any security lick.


• One of most import integrates Web firewall like Sucuri and
  Cloudflare. Web firewall protected block bad and boot request.

share|improve this answer

edited 2 hours ago

answered 2 hours ago

Amit Bera♦Amit Bera

58.6k1475174

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  i use the 2.2.6 and what's the meaning of the last phrase is there something do i have to add as extension or what and really thanks for your replay
  
  – Developper Magento
  2 hours ago
  

  
  
  
  

add a comment | 

1

Prevent xss attacks and sql injection in magento 2

You have to implement below steps:

• Upgrade your Magento version to latest version


• Enabled /use Magento google Captcha extension.


• Audit your application files/folder permission and ownership.


• Audit 3rt party extension, if this extension has any security lick.


• One of most import integrates Web firewall like Sucuri and
  Cloudflare. Web firewall protected block bad and boot request.

share|improve this answer

edited 2 hours ago

answered 2 hours ago

Amit Bera♦Amit Bera

58.6k1475174

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  i use the 2.2.6 and what's the meaning of the last phrase is there something do i have to add as extension or what and really thanks for your replay
  
  – Developper Magento
  2 hours ago
  

  
  
  
  

add a comment | 

Prevent xss attacks and sql injection in magento 2

You have to implement below steps:

• Upgrade your Magento version to latest version


• Enabled /use Magento google Captcha extension.


• Audit your application files/folder permission and ownership.


• Audit 3rt party extension, if this extension has any security lick.


• One of most import integrates Web firewall like Sucuri and
  Cloudflare. Web firewall protected block bad and boot request.

share|improve this answer

edited 2 hours ago

answered 2 hours ago

Amit Bera♦Amit Bera

58.6k1475174

share|improve this answer

edited 2 hours ago

answered 2 hours ago

Amit Bera♦Amit Bera

58.6k1475174

answered 2 hours ago

Amit Bera♦Amit Bera

58.6k1475174

answered 2 hours ago

Amit Bera♦Amit Bera

58.6k1475174