12 Ways to Improve Magento 2 Security and Performance OF TOPIC

12 Ways to Improve Magento 2 Security and Performance
Pavlo Okhrem, CEO at Elogic Commerce

About the speaker
- CEO and Co-Founder at eLogic Commerce
- Vice President of International Affairs at Cluster BIT
- Co-founder and Chairman at Chernivtsi IT CEO Club
- Participant in international business programs in Sweden and Norway
- Not married

Agenda

Performance
1. Environment settings: PHP
2. Job Queue
3. DB solutions: Scaling
4. Client side features
5. Advanced caching
6. Images compression, CDN
7. Profiling instruments for code optimization
8. Catalog search optimization

Security
9. Permissions
10. Secure workflow/deployment
11. Server side logging configuration
12. Best practices of application configuration for security purposes

Magento2 Performance tips

Environment Settings: PHP

Recommended list of extensions: php-bcmath, php-cli, php-common, php-gd | php-imagick, php-intl, php-mbstring, php-mcrypt, php-pdo, php-soap, php-xml
Sufficient memory_limit: 768MB
XDebug adds an extra 20% to response time
OpCache with recommended settings:
- Enough memory to fit the code [512MB]
- Max_accelerated_files_count [60000]
- Timestamp validation / Consistency checks
Note: Max performance will be achieved only if OpCache is enabled.
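The slide gives target values but no way to confirm a server meets them. The script below is an added example (not from the deck or from Magento) that checks a `php -m` module listing and a php.ini fragment against those values. It assumes the module names `php -m` prints (`php-pdo` shows up as `PDO`, `php-xml` as `xml`; `php-cli` and `php-common` are packages, not modules) and maps the slide's OpCache items to the real ini keys `opcache.enable`, `opcache.memory_consumption` (in MB) and `opcache.max_accelerated_files`. The sample inputs at the bottom are constructed for the demo; on a real host you would feed it `php -m` and `php --ini` output instead.

```shell
#!/usr/bin/env bash
# Added example, not from the slides: check a PHP build against the extension
# list, memory_limit and OpCache values the slide recommends.
set -u

# Module names as printed by `php -m` (assumption: php-pdo -> PDO, php-xml -> xml).
REQUIRED_MODULES="bcmath intl mbstring mcrypt PDO soap xml"

# has_module <modules_file> <name>: case-insensitive whole-line match
has_module() {
    grep -qix -- "$2" "$1"
}

# missing_php_modules <modules_file>: print missing names, return 1 if any.
# The slide lists "php-gd | php-imagick", so either image module is accepted.
missing_php_modules() {
    local file="$1" missing="" m
    for m in $REQUIRED_MODULES; do
        has_module "$file" "$m" || missing="$missing $m"
    done
    if ! has_module "$file" gd && ! has_module "$file" imagick; then
        missing="$missing gd|imagick"
    fi
    missing="${missing# }"
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# to_bytes <php_size>: PHP shorthand (K/M/G suffix) to bytes; -1 means unlimited
to_bytes() {
    local v="$1" n unit
    [ "$v" = "-1" ] && { echo -1; return 0; }
    n="${v%[KkMmGg]}"
    unit="${v#"$n"}"
    case "$unit" in
        [Kk]) echo $((n * 1024)) ;;
        [Mm]) echo $((n * 1024 * 1024)) ;;
        [Gg]) echo $((n * 1024 * 1024 * 1024)) ;;
        *)    echo "$n" ;;
    esac
}

# memory_limit_ok <value>: true when memory_limit reaches the slide's 768MB
memory_limit_ok() {
    local bytes
    bytes=$(to_bytes "$1")
    [ "$bytes" -eq -1 ] || [ "$bytes" -ge $((768 * 1024 * 1024)) ]
}

# ini_value <ini_file> <key>: value of the last "key = value" line, ';' comments stripped
ini_value() {
    local key
    key=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*\([^;]*\).*/\1/p" "$1" \
        | tail -n 1 | sed 's/[[:space:]]*$//'
}

# opcache_ok <ini_file>: OpCache enabled, >= 512MB for code, >= 60000 files.
# opcache.validate_timestamps / opcache.consistency_checks are named on the
# slide without a value, so they are deliberately not asserted here.
opcache_ok() {
    local ini="$1" enabled mem files
    enabled=$(ini_value "$ini" opcache.enable)
    mem=$(ini_value "$ini" opcache.memory_consumption)
    files=$(ini_value "$ini" opcache.max_accelerated_files)
    [ "${enabled:-0}" = "1" ] && [ "${mem:-0}" -ge 512 ] && [ "${files:-0}" -ge 60000 ]
}

# --- constructed sample input (stands in for `php -m` output and a php.ini) ---
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/modules.txt" <<'EOF'
[PHP Modules]
bcmath
Core
gd
intl
json
mbstring
PDO
soap
xml
Zend OPcache
EOF
cat > "$SAMPLE_DIR/php.ini" <<'EOF'
memory_limit = 768M
; OpCache values from the slide
opcache.enable = 1
opcache.memory_consumption = 512   ; MB
opcache.max_accelerated_files = 60000
EOF

missing_php_modules "$SAMPLE_DIR/modules.txt" || echo "install the modules listed above"
memory_limit_ok "$(ini_value "$SAMPLE_DIR/php.ini" memory_limit)" && echo "memory_limit OK"
opcache_ok "$SAMPLE_DIR/php.ini" && echo "OpCache settings OK"
```

Run against a live host with `php -m > modules.txt` and the path printed by `php --ini`; the sample above deliberately lacks mcrypt, so the first check reports it and returns non-zero, which is the exit status a deploy pipeline should fail on.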

Job Queue: integration with RabbitMQ. Available only in Enterprise Edition. Asynchronous job execution.

DB Solutions: Scaling (EE)

Automatic connection resolver (CQRS pattern). Available only in Magento 2 Enterprise Edition.
Diagram: Web servers -> Main (Catalog) Master, Checkout Master, Order MS Master; read replicas: Main Slave, Catalog Slave, Checkout Slave, EAV Slave, ...

DB Solutions: Scaling (EE)

Adding a slave database:
CLI: magento setup:db-schema:add-slave
Moving a part of the database (quote, sales) to a separate master database:
CLI: magento setup:db-schema:split-quote
CLI: magento setup:db-schema:split-sales

Configuration: Client side features

Minification (CSS, JS, HTML)
JS resources bundling
Caching of static content
Images compression
CLI: magento catalog:images:resize

Caching

Caching: can be used as page cache and as session storage.

CDN and image compression: a CDN will help you deliver content faster. Reduce image sizes where possible. Use the JPEG format for catalog pictures.

Code optimization Using the Zend Z-Ray, you can inspect, debug, and optimize your pages, and easily add additional functionality.

Catalog search: Magento 2 EE provides support for Solr, a robust catalog search engine option. Elasticsearch uses a RESTful web interface and schema-free JSON documents. Merchants prefer this search engine because it offers real-time search, high scalability, and enterprise-level performance.

One more useful thing

Magento2 Security tips

Permissions

The owner of the Magento file system:
- Must have full control (read/write/execute) of all files and directories.
- Must not be the web server user; it should be a different user.
The web server user must have write access to the following files and directories: var, app/etc, pub
In addition, the web server's group must own the Magento file system so that the Magento user (who is in the group) can share access to files with the web server user.

Permissions

All directories have 770 permissions. 770 permissions give full control (that is, read/write/execute) to the owner and to the group and no permissions to anyone else.
All files have 660 permissions. 660 permissions mean the owner and the group can read and write but other users have no permissions.
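The two Permissions slides describe the scheme but not how to apply or audit it. The script below is an added example (not from the deck or from Magento's own setup tooling) that applies it to a Magento root and then reports any path that drifts from it, which is the check you want in a deploy pipeline or a nightly cron job. It assumes what the slides state: directories 770, files 660, owner = Magento user, group = web server group. One addition not on the slides, marked in the code: `bin/magento` is kept executable by its owner, as the Magento documentation does, since the CLI commands quoted elsewhere in the deck cannot run with 660. `chown` requires root and is skipped with a notice otherwise; the sample tree at the bottom is constructed for the demo.

```shell
#!/usr/bin/env bash
# Added example, not from the slides: apply and verify the ownership and mode
# scheme described on the Permissions slides for a Magento 2 root.
set -u

# apply_magento_permissions <magento_root> <magento_user> <webserver_group>
apply_magento_permissions() {
    local root="$1" owner="$2" group="$3"
    [ -d "$root" ] || { echo "no such directory: $root" >&2; return 2; }
    # The slide: the Magento user shares files with the web server via its group.
    if ! id -Gn "$owner" 2>/dev/null | tr ' ' '\n' | grep -qx "$group"; then
        echo "warning: $owner is not a member of group $group" >&2
    fi
    find "$root" -type d -exec chmod 770 {} +
    find "$root" -type f -exec chmod 660 {} +
    # Not on the slide: Magento's docs keep bin/magento runnable by its owner.
    if [ -f "$root/bin/magento" ]; then
        chmod u+x "$root/bin/magento"
    fi
    if [ "$(id -u)" -eq 0 ]; then
        chown -R "$owner:$group" "$root"
    else
        echo "not root: skipping chown -R $owner:$group $root" >&2
    fi
}

# check_magento_permissions <magento_root>
# Prints every path that deviates from 770/660 (bin/magento excepted) and
# returns 1 if there is any, so it can gate a deploy or page an operator.
check_magento_permissions() {
    local root="$1" bad
    bad=$(
        find "$root" -type d ! -perm 770
        find "$root" -type f ! -perm 660 ! -path "$root/bin/magento"
    )
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# writable_by_webserver <magento_root> <webserver_group>
# The slide requires web server write access to var, app/etc and pub; with
# 770/660 that holds exactly when those paths carry the web server group.
writable_by_webserver() {
    local root="$1" group="$2" p bad=0
    for p in var app/etc pub; do
        if [ -z "$(find "$root/$p" -maxdepth 0 -group "$group")" ]; then
            echo "wrong group on $p (expected $group)" >&2
            bad=1
        fi
    done
    return $bad
}

# --- constructed sample tree (not a real store); the demo uses the current
# user and primary group in place of the Magento user and web server group ---
DEMO_ROOT=$(mktemp -d)
mkdir -p "$DEMO_ROOT/app/etc" "$DEMO_ROOT/var/log" "$DEMO_ROOT/pub/static" "$DEMO_ROOT/bin"
touch "$DEMO_ROOT/app/etc/env.php" "$DEMO_ROOT/var/log/system.log" \
      "$DEMO_ROOT/bin/magento" "$DEMO_ROOT/pub/.htaccess"
chmod 777 "$DEMO_ROOT/var"   # deliberately wrong mode for the demo to correct

apply_magento_permissions "$DEMO_ROOT" "$(id -un)" "$(id -gn)"
check_magento_permissions "$DEMO_ROOT" && echo "tree matches the 770/660 scheme"
writable_by_webserver "$DEMO_ROOT" "$(id -gn)" && echo "web server group can write var, app/etc, pub"
```

On a real host run it as root with the actual Magento user and web server group (for example `apply_magento_permissions /var/www/magento magento www-data`, names assumed); `check_magento_permissions` on its own is read-only and safe to schedule.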

Workflow

Limit access to the production server, ideally with the help of CI, so that nobody has access to the live container.
Limit admin access (use different roles).
Only one person should have access to merging commits and deploying them to the live environment.
Purchase extensions from verified extension providers.

Server logging

Configure the logging in a way that detects all of the suspicious activities on your server.
Configure the firewall.
Use Fail2Ban to ban all of the suspicious activities on your server.
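The slide recommends Fail2Ban without showing what it actually keys on. The script below is an added example (not from the deck, and not Fail2Ban's own code) of the counting that an sshd jail performs before it inserts a firewall rule: group failed logins by source address, list the sources at or above a retry threshold, and show which account names were tried so an operator can triage. The log lines are constructed for the demo in the standard sshd syslog format, using the documentation address ranges 203.0.113.0/24, 198.51.100.0/24 and 192.0.2.0/24.

```shell
#!/usr/bin/env bash
# Added example, not from the slides: the per-source failure count a Fail2Ban
# sshd jail applies, run over constructed auth-log lines.
set -u

# Constructed sample (not a real server log): three failures from 203.0.113.7,
# one from 198.51.100.9, one successful key login from 192.0.2.10.
SAMPLE_AUTH_LOG=$(mktemp)
cat > "$SAMPLE_AUTH_LOG" <<'EOF'
Jun  1 10:00:01 shop sshd[2101]: Failed password for root from 203.0.113.7 port 50122 ssh2
Jun  1 10:00:04 shop sshd[2101]: Failed password for root from 203.0.113.7 port 50123 ssh2
Jun  1 10:00:05 shop sshd[2104]: Accepted publickey for deploy from 192.0.2.10 port 40001 ssh2
Jun  1 10:00:09 shop sshd[2107]: Failed password for invalid user admin from 203.0.113.7 port 50130 ssh2
Jun  1 10:00:15 shop sshd[2110]: Failed password for deploy from 198.51.100.9 port 51000 ssh2
EOF

# offending_ips <log_file> <maxretry>
# Prints "count ip user[,user...]" for every source with at least <maxretry>
# failed password logins, highest count first. Only sshd "Failed password"
# lines are counted; successful logins and other daemons are ignored.
offending_ips() {
    awk -v max="$2" '
        /sshd\[[0-9]+\]: Failed password for/ {
            ip = ""; user = ""
            for (i = 1; i <= NF; i++) {
                # "for <user>" or "for invalid user <user>"
                if ($i == "for") user = ($(i+1) == "invalid") ? $(i+3) : $(i+1)
                if ($i == "from") ip = $(i+1)
            }
            if (ip == "") next
            fails[ip]++
            if (index("," users[ip] ",", "," user ",") == 0)
                users[ip] = (users[ip] == "") ? user : users[ip] "," user
        }
        END {
            for (ip in fails)
                if (fails[ip] >= max) print fails[ip], ip, users[ip]
        }
    ' "$1" | sort -rn
}

# Demo: the default-style threshold of 3 flags only the 203.0.113.7 source.
offending_ips "$SAMPLE_AUTH_LOG" 3
```

The equivalent Fail2Ban settings live in the `[sshd]` section of `jail.local` as `maxretry`, `findtime` and `bantime`; this example implements only the `maxretry` count and not the `findtime` window, so on a real log pipe in a time-bounded slice (for instance the last hour) rather than the whole file. Pair it with the "Restrict SSH access by IP" advice on the closing slide: a source that never should reach the port at all is the clearest signal in this output.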

Application configuration

Change the default admin URL path.
Change the default downloader URL path.
Use only secure communication protocols (SSH/SFTP/HTTPS).
Use strong, long, and unique passwords, and change them periodically.
Immediately install patches when new security issues are discovered.

Recommended extensions

Creaminternet/module-secure-passwords
Xtento Two-Factor Authentication (paid)
Admin Actions Log (paid)

One more thing

Close all of the unnecessary ports on your server.
Restrict SSH access by IP.
Use password managers like LastPass, PassPack etc. to store passwords securely.

Useful resources

https://elogic.co/blog/ultimate-magento-performance-guide-nginxhttp2php-7-0-8/ - How to configure Magento with HTTP/2
https://elogic.co/blog/magento-security-lifehacks/ - Magento security lifehacks
https://github.com/magento/magento2-zray - Magento 2 Z-Ray plugin
https://www.linkedin.com/pulse/20141210024646-1143212-22-ways-to-bulletproof-your-magento-security - 22 ways to bulletproof your Magento security

Contact me

Email: pavlo@elogic.co
Phone: +38(050)764-1000
Skype: okhrempavlo
LinkedIn: /paulokhrem
Facebook: /puncher