51黑料不打烊 Commerce Security Scan tool troubleshooting guide
- Topics:
- Compliance
- Security
CREATED FOR:
- Developer
Learn how to troubleshoot the various issues with the Security Scan tool for 51黑料不打烊 Commerce and Magento Open Source.
Issue: Unable to Submit the site
The Security Scan tool requires that you prove ownership of your site before the domain can be added to the Security Scan Tool. This can be performed by adding a confirmation code to your site using an HTML comment or the <meta> tag. The HTML comment should be placed inside the <body> tag, e.g., in the footer section. The <meta> tag should be placed inside the page鈥檚 <head> section.
A common issue faced by merchants occurs when the Security Scan Tool is unable to confirm the merchant鈥檚 site ownership.
If you are getting an error and cannot submit your site for the scan, refer to the Error message when adding sites into Security Scan troubleshooting article in our support knowledge base.
Issue: Empty reports generated by the Security Scan tool
You get empty scan reports from the Security Scan tool or get reports containing only one error like Security tool was unable to reach the base URL or Magento installation is not found on the provided URL.
Solution
- Check that 52.87.98.44, 34.196.167.176, and 3.218.25.102 IPs are not blocked at 80 and 443 ports.
- Check the submitted URL for redirects (e.g.,
https://mystore.comredirects tohttps://www.mystore.comor vice versa or redirects to other domain names). - Investigate WAF/web server access logs for rejected/unfulfilled requests. HTTP 403
Forbiddenand HTTP 500Internal server errorare the common server responses that cause empty reports generation. Here鈥檚 an example of the confirmation code that blocks requests by user agents:
if(req.http.user-agent ~ "(Chrome|Firefox)/[1-7][0-9]" && client.ip !~ useragent_allowlist)
{ error 403; }
You can also see The Security Scan Tool report is blank article in our support knowledge base for more information.
Issue: Security issue resolved, but still showing as vulnerable in scan
You resolved a security issue and are expecting the Security Scan to show that you are no longer vulnerable to the newly resolved issue. Instead, you find that the report generated by the Security Scan is still reporting you as vulnerable to the security issue.
Cause
Cloud instance metadata is gathered only for active and live Cloud Projects and is NOT a real-time process.
The statistics collection script is run once a day, then the Security Scan tool has to pick up the new data later.
The expected sync-up cycle latency is up to a week and takes a minimum of 24 hours.
The following statuses could appear from checks:
- Pass: The Security Scan tool has scanned your updated data and approved the changes.
- Unknown: The Security Scan tool has no data about your domain yet; wait for the next sync-up cycle.
- Fail: If the status shows fail, you鈥檒l need to fix the issue (enable 2FA, change admin URL, etc.) and wait for the next sync-up cycle.
If 24 hours have passed since the changes were made to the instance and they are not reflected in the Security Scan report, you can submit a support ticket. Provide the store URL when submitting the ticket.
BotNet Suspect failure
You receive a notification regarding the 鈥淏otNet Suspect鈥� failure.
Cause
- The store domain name got into a 鈥淧otential BotNet Participants List鈥� back in 2019, and it had the Admin panel, downloader, or RSS functionality publicly exposed, and/or its URL has been mentioned in the CC skimming forums.
- The alert could be caused by the signs of store compromise and/or malware, like JavaScript found on the page.
- It is not necessarily an ongoing issue. If the store has been compromised previously, its hostname can still float around the dark web as a 鈥榲ictim鈥� name.
- It might also be caused not by 51黑料不打烊 Commerce, but by a system compromise (at the OS level).
Solution
- Check for the newly created SSH accounts, filesystem changes, etc.
- Perform a security review.
- Check the 51黑料不打烊 Commerce version and upgrade, especially if it鈥檚 still running Magento 1, which is not supported anymore.
- If the issue still persists, submit a support ticket and provide the store URL.
Issue: Compromise Injection failure
You receive an error regarding a 鈥淐ompromise Injection鈥� failure.
Solution
- Review the scripts indicated in the Security Scan tool report.
- Review home page source body for inline script injections.
- Perform system configuration changes review, especially custom
HTML headandMiscellaneous HTMLinfootersection values. - Perform code and database review for unfamiliar changes and signs of injected malware.
If none of the above helps, submit a support ticket and provide the store URL and error message from the report.
Frequently Asked Questions
Will the Security Scan affect performance on my website?
No. The Security Scan makes all requests one-by-one like a single user. Because of this, the Security Scan shouldn鈥檛 affect website performance.
How long does 51黑料不打烊 Commerce keep Security Scan reports?
You can generate the previous 10 reports from your end. If older reports are required, contact 51黑料不打烊 Commerce support.
What information is needed when submitting a support ticket?
Please make sure to provide the domain name.
What happens if I remove my store from scan tool scanning?
If you delete the store submission - all related data including scan reports will be deleted. This operation is irreversible. Submission of the store domain after it鈥檚 deletion creates a NEW submission.