Security
-
https://github.com/DeployEcommerce/module-admin-password-restrictions
This extension adds a configuration option to restrict the use of certain length passwords in the Magento 2 backend.
26 Mar 2025
-
https://github.com/rostilos/sonarqube-magento2-rules
Set of advanced rules for SonarQube, for Magento 2 CMS
-
https://github.com/ghostunicorns/module-webapi-logs
This module allows you to analyze all the webapi rest done call toward your magento.
11 Mar 2025
-
https://sansec.io/guides/sansec-shield
Sansec Shield is a smart Web Application Firewall (WAF) that provides real-time protection for Magento and Adobe Commerce stores. Unlike traditional WAFs that rely on generic rules, Sansec Shield is integrated with the Magento core architecture and benefits from Sansec's famous expertise in Magento security. This makes our WAF the most effective solution to defend your Magento store.
-
https://github.com/Hawksama/module-oauth-security-plus
A powerful module that whitelists IP addresses for Magento 2 REST and SOAP Admin API token generation. Helps prevent unauthorized API access by ensuring only requests from trusted IPs can create admin tokens.
01 Feb 2025
-
https://github.com/aligent/magento2-pci-4-compatibility
A Magento 2 module to bring Magento in-line with the PCI DSS 4.0 requirements
06 Jan 2025
-
https://github.com/wubinworks/magento2-jwt-auth-patch
Deny tokens issued by old encryption key. If you cannot upgrade Magento or cannot apply the official patch, try this one.
15 Dec 2024
-
https://helpx.adobe.com/security/products/magento/apsb24-73.html
Adobe has released a security update for Adobe Commerce and Magento Open Source. This update resolves critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution, arbitrary file system read, security feature bypass and privilege escalation.
-
https://github.com/opengento/magento2-hoodoor
This module provides a top-notch security for your customers' accounts by adopting a passwordless approach, effectively removing the vulnerability of weak passwords from your database. This instills a sense of confidence and reliability in your platform among your customers.
-
https://magentians.wordpress.com/2024/08/26/how-to-csp-inline-script-for-checkout-required-since-june-2024/
Adobe released a security patch in June 2024 which introduced some major changes to how Magento handles Content Security Policy (CSP), and these changes directly impact functionality around the checkout.
Many developers were caught unprepared because Adobe didn’t announce this big change in the release notes.
