magentoguys11 - PowerPoint PPT Presentation

About This Presentation
Title:

magentoguys11

Description:

Our Professional Magento certified Developers, as well as Magento Experts deliver protective service by eliminating PRODSECBUG-2198 effect on Magento2 Store. – PowerPoint PPT presentation

Number of Views:10

less

Transcript and Presenter's Notes

Title: magentoguys11


1
www.magentoguys.com
2
About US
Magento Guys is a reputed Magento 2 web
development company, who delivering innovative
Magento Development Services to the clients in
the worldwide. We have more than 8 years of
experience with 1800 projects in the industry
offering uniquely tailored Magento solutions
helping our clients flourish their business
horizon. We have successfully completed 100
e-commerce stores, licensed, static, pass, saas
and more.
www.magentoguys.com
3
Save your Magento 2 store from PRODSECBUG-2198
With the increase in the Magento users, the
hackers are also increased. The number of
cyber-attack doubles every time in Magento
2.x. There is a security bug in the Magento 2.x
content system which makes us discover the new
and new methods to save the site.That bug is
called PRODSECBUG-2198. This is responsible for
the damage to the sites.The card details of the
customers are stolen from the website. Hackers
have become more and more expert with malware
nowadays. A security engineer at Ambionics
discovered and reported the PRODSECBUG-2198, and
the security updates and patches were released on
March 26. Hiring the professional Magento
certified developers, as well as Magento Experts,
can help your stores successful as well as
bug-free development.
www.magentoguys.com
4
  • With the above method in Magento 2.2 CE version
    you may face an error as below
  • bash PRODSECBUG-2198-2.2-CE.composer-2019-03-27-06
    -12-19.patch
  • diff unrecognized option git
  • diff Try diff help for more information.
  • PRODSECBUG-2198-2.2-CE.composer-2019-03-27-06-12-1
    9.patch line 2 index command not found
  • PRODSECBUG-2198-2.2-CE.composer-2019-03-27-06-12-1
    9.patch line 3 command not found
  • In order to avoid this error, follow the below
    steps
  • If you use git for your project
  • git apply PRODSECBUG-2198-2.2-CE.composer-2019-03-
    27-06-12-19.patch

www.magentoguys.com
5
  • use patch
  • Remove the a/ and b/ before the path name.
  • Move the patch file to your Magento root and
    execute patch -p0 lt PRODSECBUG-2198-2.2-CE.compose
    r-2019-03-27-06-12-19.patch
  • About PRODSECBUG-2198
  • Type Injections SQL
  • CVSSv3 Severity 9 (Critical)
  • Description An unauthenticated user can execute
    arbitrary code through an SQL injection
    vulnerability, which causes sensitive data
    leakage.

www.magentoguys.com
6
  • Product(s) Affected Magento Open Source prior
    to 1.9.4.1, and Magento Commerce prior to
    1.14.4.1, Magento 2.1 prior to 2.1.17, Magento
    2.2 prior to 2.2.8, Magento 2.3 prior to 2.3.1
  • Fixed In Magento Open Source 1.9.4.1, Magento
    Commerce 1.14.4.1, SUPEE-11086, Magento 2.1.17,
    Magento 2.2.8, Magento 2.3.1
  • Reporter cfreal
  • Steps to install the PRODSECBUG-2198 patch
  • Backup Your Magento Store
  • Before applying any new security patch, you will
    have to first take the back up of your Magento
    store.
  • Download Upload the Patch
  • The next step is to download the Patch
    PRODSECBUG-2198 from here for your Magento Store
    Version and then you will have to upload it to
    your Magento folder.

www.magentoguys.com
7
  • Apply the Patch
  • After you log in to your shell server and
    navigating to your Magento folder, you will have
    to run the following command
  • Bash patch Name
  • For e.g. bash PRODSECBUG-2198-2.3-CE.patch
  • Clear your Magento Cache
  • Just remove your Magento Cache once you apply the
    patch. There are two steps to clear the cache
  • flush the cache from Magento admin
  • run the following SSH commands
  • Confirm the Patch Installation

www.magentoguys.com
8
  • You will have to confirm whether the patch is
    being installed successfully or not. For that you
    can run the following command to check whether
    the patch has been installed successfully or not
  • grep app/etc/applied.patches.list
  • grep app/etc/applied.patches.list
  • Remove the Patch file
  • After the successful patch installation, you can
    remove the .patch file from the root of your
    Magento.
  • Make Your Magento Store More Secure
  • In this time, when security is the topmost
    priority as well as when the customers become
    your regular ones on the basis of your security
    you provide, make sure that you follow all the
    tips given below

www.magentoguys.com
9
  • Regularly update your Magento Installation
  • Follow The Best Magento Development Practices
  • Magento Store On a Secure Server
  • Magento Security Checker

www.magentoguys.com
10
Why You Choose MagentoGuys?
  • Expert SEO Professionals
  • 8 Years of Experience
  • 1800 Projects
  • One-Stop Magento Solutions
  • Google's Ethical SEO
  • Increase Visibility
  • Increase ROI
  • Instant Support
  • 100 Transparent Work
  • Full Client Satisfaction Report

www.magentoguys.com
11
Read the complete story follow the link below-
Save your Magento 2 store from PRODSECBUG-2198
Read Blog https//www.magentoguys.com/blog/
www.magentoguys.com
12
LET'S GET TOGETHER Start Discussion About Your
eCommerce Development Online Marketing Hassle-f
ree One Stop Solutions, Hire Us!
Website https//www.magentoguys.com/ Skype
bdo3.magentoguys Email info_at_magentoguys.com
Call 91 7096620202
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "magentoguys11" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!