UniForce a Security app for Magento 2.0

Malware scans, FireWall and Brute-force protection in a single PHP app.
Here is a quick guide on how to implement major Security features on a Magento site. Before we start let's see why we are going to use Uniforce.

UniForce is an extension that can be installed on any PHP site, CMS or framework. It allows you,

  • One-time and daily automatic tests for existing Malware and viruses among site's files.
  • Restrict website access using the Security FireWall.
  • Protect a website from exploit-attacks, XSS-attacks and SQL injections.
  • Protect a website from password guessing (brute-force).

This app is a production of the CleanTalk company who is a vendor of Anti-Spam, Security and Monitoring services for websites. CleanTalk has been on the market since 2012 and has service +800k sites so far.

We also call Uniforce a Universal security plugin for every CMS.

  1. Download the latest Uniforce build https://github.com/CleanTalk/php-usp/releases/download/3.8.0/uniforce-3.8.0.zip
  2. Unzip the archive inside your website root folder (usually the "web" folder). You should see a folder named "uniforce" in the root of your website. Example,

shagimuratov@demo2:magento2.demo2.cleantalk.me/web$ ls -la
total 3668
drwxr-x--x 19 web6         client1         4096 Dec 18 23:24 .
drwxr-xr-x 12 web6         client1         4096 Dec  9  2021 ..
-rw-r--r--  1 web6         client1        12076 Dec  8  2021 .htaccess
-rw-r--r--  1 web6         client1        11600 Dec  8  2021 .htaccess.sample
-rw-r--r--  1 web6         client1         1519 Dec  8  2021 .php_cs.dist
-rw-r--r--  1 web6         client1         2095 Dec  8  2021 .travis.yml.sample
-rw-r--r--  1 web6         client1          101 Dec  8  2021 .user.ini
-rw-r--r--  1 web6         client1       775488 Dec  8  2021 CHANGELOG.md
-rw-r--r--  1 web6         client1          650 Dec  8  2021 COPYING.txt
-rw-r--r--  1 web6         client1         2994 Dec  8  2021 Gruntfile.js.sample
-rw-r--r--  1 web6         client1        10364 Dec  8  2021 LICENSE.txt
-rw-r--r--  1 web6         client1        10376 Dec  8  2021 LICENSE_AFL.txt
-rw-r--r--  1 web6         client1         4992 Dec  8  2021 README.md
-rw-r--r--  1 web6         client1          700 Dec  8  2021 SECURITY.md
drwxr-xr-x  6 web6         client1         4096 Dec  9  2021 app
-rw-r--r--  1 web6         client1          161 Dec 10  2021 auth.json
drwxr-xr-x  2 web6         client1         4096 Dec  8  2021 bin
-rw-r--r--  1 web6         client1        15897 Dec  8  2021 composer.json
-rw-r--r--  1 web6         client1       459987 Dec  8  2021 composer.lock
-rw-r--r--  1 web6         client1      2291189 Dec  8  2021 composer.phar
drwxr-xr-x  5 web6         client1         4096 Dec  8  2021 dev
drwxr-xr-x  2 web6         client1         4096 Dec  9  2021 error
drwxrwxrwx  3 web6         client1         4096 Dec 18 22:38 generated
-rw-r--r--  1 web6         client1           57 Dec  8  2021 grunt-config.json.sample
-rw-r--r--  1 web6         client1         1370 Dec 18 21:04 index.php
drwxr-xr-x  4 web6         client1         4096 Dec  8  2021 lib
drwxr-xr-x  6 web6         client1         4096 Dec 10  2021 magento2-sample-data
-rw-r--r--  1 web6         client1         5912 Dec  9  2021 nginx.conf.sample
-rw-r--r--  1 web6         client1         5814 Dec  9  2021 nginx.conf.sample_def
-rw-r--r--  1 web6         client1         1416 Dec  8  2021 package.json.sample
drwxr-xr-x  2 web6         client1         4096 Dec  8  2021 phpserver
drwxrwxrwx  6 web6         client1         4096 Dec  9  2021 pub
drwxr-xr-x  7 web6         client1         4096 Dec  8  2021 setup
drwxr-xr-x 26 web6         client1         4096 Dec 18 05:03 stats
drwxr-xr-x 10 shagimuratov shagimuratov    4096 Dec 18 23:19 uniforce
drwxrwxrwx  8 web6         client1         4096 Dec 18 22:39 var
drwxr-xr-x 66 web6         client1         4096 Dec  9  2021 vendor

Make sure the web server has access to Uniforce files, usually www-root or www-data should be set as the files owner,

sudo chown -R web6:client1 uniforce
sudo chmod -R o+rw uniforce
3. Go here in your browser SITE.COM/uniforce/index.php
4. Enter an email and a password to set up access to the Uniforce
5. Sign up for a CleanTalk account to get the Access key https://cleantalk.org/register?product_name=security

Fill in the Access key in the same form as in 5.
6. (Optional) In "Additional scripts", write the path to your index.php or any other index file which you use to route requests to your site.
7. Then press the "Install" button to run the installation.
8. By default, the UniForce rewrites the index.php in the root folder and doesn't touch anything else. You can specify additional admin page URLs in the "Additional scripts" field, just separate them by commas in the "Advanced configuration" section.
Code injection by Uniforce to run FireWall and Brute-force protection for magento.

        if(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'){
9. You should see a Summary page in case of success.
Uniforce Summary page
  • Cross-Site Scripting (XSS) attacks

    Cross-Site Scripting (XSS) attacks in Magento, a popular e-commerce platform, pose significant security risks. These attacks occur when attackers exploit vulnerabilities in Magento or its extensions to inject malicious scripts into web pages. Such vulnerabilities can lead to unauthorized access to customer data, manipulation of site content, or redirecting users to harmful sites, necessitating rigorous security measures and regular updates in Magento installations.
  • Brute-Force attacks on Magento

    Brute-Force attacks on Magento involve attackers attempting to gain unauthorized access by systematically trying numerous password combinations. This type of attack targets the login credentials of Magento admin users, potentially leading to unauthorized access to sensitive data and control over the e-commerce site. To mitigate these attacks, Magento store owners are advised to implement strong password policies, two-factor authentication, and limit login attempts.
  • Malware risks on a website

    Malware risks on a website pose serious threats to both site operators and visitors. When a website is infected with malware, it can lead to unauthorized access, data theft, distribution of harmful software to visitors, and damage to the site's reputation. Effective measures against malware include regularly updating software, using security plugins, and conducting frequent scans for detecting and removing malicious code.
10. On the Settings page in the Admin page URL put the URL of your admin page, for example '/admin' and turn Brute-Froce protection on.
Uniforce Settings page to set Brute-Force protectio n and Malware scanning.
Uniforce Settings page to set Brute-Force protectio n and Malware scanning.
11. On the Malware scanner page run the first scan. The app shows here dangerous and suspicious files. Usually it takes up to 60 minutes to finish scanning.
12. You can see your Security Firewall logs, add a new site and manage the existing sites on the Security Dashboard page.
13. To troubleshoot any issues post a support request here https://cleantalk.org/my/support/open
Security Dashboard to manage FireWall lists, view Brute-Force logs and Malware scans.
  • 10 years in the website Security Business

    We are aware of all the dangers that can threaten your website and how to deal with them
  • 65+ CVE reports published

    We continue to share found vulnerabilities at research.cleantalk.org.
  • 220 000+ active users
    of our plugins

    Not counting users that don't use WordPress.
© CleanTalk Inc. All Rights Reserved.