Magento Cacheleak is a web-server misconfiguration rather than a flaw in Magento's own code: when the vhost does not block HTTP access to Magento's private directories, var/, var/backups/, var/cache/ and var/session/ (and everything beneath them) become browsable from the internet. Anyone can then list and download backups and session files, pull configuration values and credentials out of the cache files, and from there take full control of the Magento installation.

How to check if your web-server configuration is vulnerable

Simply open the var/, var/cache/, var/session/ and var/backups/ directories in your browser by appending them to your domain, for example:
http://example.com/var/ or http://example.com/var/cache/

Ideally, you should see a 403 Forbidden or 404 Not Found page. If the server is vulnerable, you will see a directory listing that lets you browse and download anything you like, whether that is cached passwords or a backup containing your customers' saved payment details. Note that turning off directory listings alone is not a fix: individual files under var/ (a backup archive whose name is guessable, for instance) remain downloadable until the whole directory tree is denied.
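The manual check above, scripted, as an added example that is not part of the original post. It probes the four directories with curl, records the status code, and looks for the "Index of" title that Apache and nginx autoindex pages carry. A 200 without a listing is reported separately, because on some setups every unknown path is rewritten to the storefront's index.php, which is harmless; a 200 with a listing is the Cacheleak condition. The base URL and script name are placeholders.

```shell
#!/bin/sh
# cacheleak_check.sh (added example, not the original post's code)
# Usage: sh cacheleak_check.sh https://example.com
# Exit status 1 if any private directory returns a directory listing.

PRIVATE_DIRS="var/ var/cache/ var/session/ var/backups/"

# body_has_listing BODY -> prints "yes" if the body looks like an autoindex page
body_has_listing() {
    if printf '%s' "$1" | grep -qi 'Index of'; then echo yes; else echo no; fi
}

# classify_status CODE LISTING -> verdict for one directory
#   403/404        OK                 (what you want to see)
#   200 + listing  LISTING            (Cacheleak: directory is browsable)
#   200, no list   200-CHECK-MANUALLY (probably rewritten to the storefront)
#   anything else  UNEXPECTED         (000 = connection failure, 5xx, ...)
classify_status() {
    code="$1"
    listing="$2"
    case "$code" in
        403|404) echo "OK" ;;
        200)     if [ "$listing" = "yes" ]; then echo "LISTING"; else echo "200-CHECK-MANUALLY"; fi ;;
        *)       echo "UNEXPECTED" ;;
    esac
}

# check_site BASE_URL -> probes each directory once, prints one line per result
check_site() {
    base="${1%/}"
    rc=0
    for d in $PRIVATE_DIRS; do
        url="$base/$d"
        # One request: body, then the HTTP status code on its own final line.
        resp=$(curl -s -m 10 -w '\n%{http_code}' "$url") || resp="
000"
        code=$(printf '%s\n' "$resp" | tail -n 1)
        body=$(printf '%s\n' "$resp" | sed '$d')
        verdict=$(classify_status "$code" "$(body_has_listing "$body")")
        printf '%-40s %s  %s\n' "$url" "$code" "$verdict"
        [ "$verdict" = "LISTING" ] && rc=1
    done
    return $rc
}

if [ "$#" -eq 1 ]; then
    check_site "$1"
fi
```

Run it against a staging copy first; on a production site the requests are harmless read-only GETs, but they will show up in the access log as probes of exactly the paths an attacker would try.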

How to secure it?

Ensure that .htaccess files or Nginx rewrite rules are in place

Navigate to the var/, var/cache/, var/session/ and var/backups/ directories via FTP, SSH or any file manager and ensure that there is a .htaccess file in each directory. You may need to tell your FTP or SSH client to show hidden files (files starting with a dot character are hidden by default). If any are missing, upload them from the original Magento distribution. Each .htaccess file contains just two lines:

Order deny,allow
Deny from all

Two caveats for Apache: this is Apache 2.2 syntax, which on Apache 2.4 only works while mod_access_compat is loaded; the 2.4 equivalent is the single line "Require all denied". And .htaccess files are only honoured when the vhost's <Directory> block for the document root sets AllowOverride to something other than None, so check that setting too, or put the same deny rule directly in the vhost's <Directory> block for var/ so it cannot be bypassed by a stray .htaccess.
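Nginx does not read .htaccess files at all, so the equivalent protection has to live in the server block. The fragment below is an added example, not taken from the original post or from Magento's own distribution; the server_name and root are placeholders. The key point is the ^~ prefix match, which wins over the regex-based PHP location, so a file such as var/foo.php can neither be downloaded nor executed.

```nginx
server {
    listen 80;
    server_name example.com;          # placeholder
    root /var/www/magento;            # placeholder: Magento docroot

    # No directory listings anywhere, whatever the individual locations say.
    autoindex off;

    # Deny the whole private tree. "^~" makes this prefix match take precedence
    # over regex locations (including the \.php$ one below), so nothing under
    # var/ is served or executed. Covers var/cache/, var/session/, var/backups/.
    location ^~ /var/ {
        deny all;                     # answers 403
    }

    # Normal front-controller routing for everything else.
    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/run/php-fpm.sock;   # placeholder socket
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
```

After reloading nginx (nginx -t && nginx -s reload), re-run the browser check from the previous section: all four directories should now return 403.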

ServerGuy’s Managed Magento Platform is completely secure and customers are informed about any new Magento Security Patches and we can apply them on-demand free of charge. We also take care of all the Magento Security best practices to minimise any such hacks and exploits. Contact Us for more details.
