Local Storage seems to be disabled in your browser.
For the best experience on our site, be sure to turn on Local Storage in your browser.
Blog
-
February 10, 2025 4
Sometimes we need to "detect"(check) the customer's login status and do something. For instance, display a coupon code to logged in customers only. Things become complicated when Full...
-
January 23, 2025 29
Magento supports multiple payment methods and you can even develop your own payment method. This is a big plus as store owners can fully control the last and the most important step of checkout process...
-
December 31, 2024 28
As illustrated in the concept image, we got a request from our client that he wants to use the built-in Admin Grid filter feature to search entries that has empty field. To be more specific in his situation...
-
December 19, 2024 45
Class
\Magento\Framework\Xml\Security
in Magento 2 framework is intended to prevent XXE and itsscan
method can detect entities in XML input, by design. However, we found a way... -
December 17, 2024 24
Magento 2 uses "Scoped configuration" to adopt multiple stores setup. Configuration value has a fallback mechanism and the "default value" is stored in
etc/config.xml
... -
December 07, 2024 75
The encryption key in Magento is used to encrypt sensitive data such as API credentials, and most important thing, the Admin WebAPI Token is issued by this key. We need to rotate it if the key is leaked...
-
December 02, 2024 20
Starting from Magento 2.4.7, the encryption key has a new format and the key length is increased to 256-bit. We will demonstrate the key generation process and after reading this blog, you should be able...
-
September 12, 2024 96
How to fix CVE-2024-34102? Upgrade Magento to greater than 2.4.7-p1 is the best solution, but sometimes it could not be done in a few days and your store may be hacked before applying the official patch...
-
September 10, 2024 87
CVE-2024-34102 was discovered in 2023 and published in June 2024. There already exists exploit script on the internet. By exploiting this vulnerability, the attacker can obtain the content of files on...
-
August 30, 2024 40
If you debugged Magento, I believe you have ever seen the 'X-Magento-Tags' in the response headers. What is 'X-Magento-Tags' used for? How is the 'X-Magento-Tags' generated?
We will cover these...