magedin / module-trojan-request-blocker
This robust extension acts as a shield, detecting and blocking malicious requests before they can disrupt your e-commerce operations. Whether it’s bots, fraudulent actions, or unusual traffic spikes, MagedIn_TrojanRequestBlocker is designed to guard your store from potentially harmful activity.
Installs: 120
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 1
Open Issues: 1
Type:magento2-module
Requires
- php: ^7.4||^8.0
- magento/framework: *
This package is auto-updated.
Last update: 2024-11-15 02:59:31 UTC
README
Keep your Magento 2 store protected from suspicious and harmful requests with MagedIn_TrojanRequestBlocker. This robust extension acts as a shield, detecting and blocking malicious requests before they can disrupt your e-commerce operations. Whether it’s bots, fraudulent actions, or unusual traffic spikes, MagedIn_TrojanRequestBlocker is designed to guard your store from potentially harmful activity, ensuring a secure and smooth shopping experience for legitimate users.
Compatibility
- Magento 2.3
- Magento 2.4
Context
Have you ever seen any order like the following one in your Magento 2 website?
In the fast-paced world of eCommerce, security is paramount. Recently some Magento 2 websites encountered a serious security threat. Their Magento stores were targeted by trojan orders attempting to exploit vulnerabilities within Magento’s system. The attackers tried to inject malicious code through customer fields, such as the First Name and Last Name fields, with the aim of executing code when rendering the page.
Installation
> composer require magedin/module-trojan-request-blocker > php bin/magento module:enable MagedIn_TrojanRequestBlocker > php bin/magento setup:upgrade > php bin/magento setup:di:compile
How to Use This Extension
To get a full explanation of what's the problem here, please refer to this blog post:
Protecting Your Magento Store from Trojan Orders: Introducing the Trojan Request Blocker
There you'll have a video explaining how it works and how you can use it.
Further Reading
- Adobe Commerce merchants to be hit with TrojanOrders this season
- Magento stores targeted in massive surge of TrojanOrders attacks
- Surge in TrojanOrders Attacks on Magento 2 E-commerce Sites
- Magento 2: Fake customer order came through with weird code instead of customer name
- Despite "Allow Guest Checkout" set to "No" it's possible to place a guest order with the guest-carts REST API #36691