Just going through my threatview scan results and one element that’s come up for improving is that my Magento cron.php is exposed and it saying that it’s leaving my website vulnerable to a denial of service attack. Can anyone please tell me what is a denial of service attack and how do I secure this?
Okay so a Denial of Service (DoS) attack is what it says on the tin – an attack that overloads a website or network making the service unavailable or unusable to the intended users. So it could make your website slow or not available at all, which means you would struggle to or not make any sales on your website.
3 Likes
Yeah as Watson says above a DoS attack can be detrimental to your sales, I would start by making sure your magento is up to date with all the patches because if you are missing certain patches it could also lead to your site being vulnerable to Remote Code Execution (RCE) as well. There are also ways to secure the cron.php script in your website coding, do you do the work on your website yourself or do you have a developer?
1 Like
Thanks both for your responses. My niece helped build my website and I’ve been learning how to keep it secure, why I use threatview but I’m starting to think I may need to get a developer in to help lock down all the cybersecurity parts as I have enough to be dealing with running a business and trying to have a life.
1 Like
Okay, I just wondered as I could have linked some resources on how to secure cron.php if you were trying to do it yourself, but it sounds like getting a developer in may be the best option for you. I’m not sure what your other threatview scores were but I would recommend getting a developer in asap to get this all locked down.