Local Storage seems to be disabled in your browser.
For the best experience on our site, be sure to turn on Local Storage in your browser.

Build your own Magento store from $500/mo Check Now
My Cart
Email / Chat
Skype & Line
Search
Menu
Client Area

Magento 2

  1. Tech How to Bug

    `magento` appears in URL when "Use Web Server Rewrites" set to "No" and in CLI environment

    wubinworks team - July 01, 2025 11

    In an internal test case, we found a strange behavior that when trying to build URL in custom CLI commands, the URL sometimes contains an unexpected magento in its URI part. In this blog, let's examine...

    Read more
  2. Tech Security

    CVE-2024-34102 Cosmic Sting Online Checker

    wubinworks team - March 09, 2025 79

    Check whether your Magento store is affected by CVE-2024-34102(a.k.a Cosmic Sting) with only a few clicks. You can also use it to check whether the applied patch works. Simply input your store's Base URL...

    Read more
  3. Tech How to

    Correct Way To Detect Customer Login On Magento 2 Frontend With Full Page Cache

    wubinworks team - February 10, 2025 49

    Sometimes we need to "detect"(check) the customer's login status and do something. For instance, display a coupon code to logged in customers only. Things become complicated when Full Page Cache(incl...

    Read more
  4. How to Customization

    How to display a notice when customer selects certain Payment Method in Magento 2?

    wubinworks team - January 23, 2025 41

    Magento supports multiple payment methods and you can even develop your own payment method. This is a big plus as store owners can fully control the last and the most important step of checkout process...

    Read more
  5. How to Admin

    Customization for searching empty field in Magento 2 Admin Grid

    wubinworks team - December 31, 2024 51

    As illustrated in the concept image, we got a request from our client that he wants to use the built-in Admin Grid filter feature to search entries that has empty field. To be more specific in his situation...

    Read more
  6. Security How to

    Why `\Magento\Framework\Xml\Security` is not secure? And how to bypass

    wubinworks team - December 19, 2024 73

    Class \Magento\Framework\Xml\Security in Magento 2 framework is intended to prevent XXE and its scan method can detect entities in XML input, by design. However, we found a way to bypass the scan method...

    Read more
  7. Tech How to

    How to get config data directly from `config.xml` in Magento 2

    wubinworks team - December 17, 2024 40

    Magento 2 uses "Scoped configuration" to adopt multiple stores setup. Configuration value has a fallback mechanism and the "default value" is stored in etc/config.xml. In most cases, we just make use...

    Read more
  8. Security How to

    CVE-2024-34102(a.k.a CosmicSting) How to Defend

    wubinworks team - September 12, 2024 177

    How to fix CVE-2024-34102 -- a CVSS Score 9.8(Critical) and RCE possible vulnerability? Upgrade Magento to greater than 2.4.7-p1 is the best solution, but sometimes this could not be done in a few days...

    Read more
  9. Security How to

    CVE-2024-34102(a.k.a CosmicSting) How to Attack

    wubinworks team - September 10, 2024 183

    CVE-2024-34102(Now it can be chained with another bug to RCE) was discovered in 2023 and its details were published in June 2024. There already exists verified exploit script on the internet. By exploiting...

    Read more
  10. Tech How It Works

    A Note About 'X-Magento-Tags'

    wubinworks team - August 30, 2024 102

    If you have ever debugged Magento, it's very likely you saw the X-Magento-Tags in response headers. What is X-Magento-Tags header used for? How is it generated?

    In short, those tags are used in Varnish...

    Read more
Posts loader
Categories
Recent Posts
`magento` appears in URL when "Use Web Server Rewrites" set to "No" and in CLI environment
`magento` appears in URL when "Use Web Server Rewrites" set to "No" and in CLI environment
July 01, 2025
CVE-2024-34102 Cosmic Sting Online Checker
CVE-2024-34102 Cosmic Sting Online Checker
March 09, 2025
Correct Way To Detect Customer Login On Magento 2 Frontend With Full Page Cache
Correct Way To Detect Customer Login On Magento 2 Frontend With Full Page Cache
February 10, 2025
How to display a notice when customer selects certain Payment Method in Magento 2?
How to display a notice when customer selects certain Payment Method in Magento 2?
January 23, 2025
Customization for searching empty field in Magento 2 Admin Grid
Customization for searching empty field in Magento 2 Admin Grid
December 31, 2024
Archive
July 2025
March 2025
February 2025
January 2025
December 2024
September 2024
August 2024
Tags
Magento 2 security CVE-2034-34102 Cosmic Sting Customization Development Bug Cache CDN Full Page Cache cve WebAPI How to XXE security tool CosmicSting Performance Varnish How It Works encryption key Knockout.js Javascript Frontend Block Cache Cache Lifetime Layout Cache FPC X-Magento-Tags ESI Block Tags IdentityInterface Cache Purging TTL attack defend JWT Authentication key rotation token config.xml ModularConfigSource xml framework Admin Grid Filter UI Component Search Criteria SQL Checkout Payment Method