Magento 2 Secret Key for preventing CSRF (Cross-site request forgery)


Hello Friends,

First of all i will explain CSRF. CSRF stats for Cross-site request forgery. some times our website can be stuck due to malicious code or forgery to transmit unauthorized commands to be executed. a malicious website can transmit such commands, specially-crafted image tags, hidden forms, and JavaScript and harm to our website.

Magento Provides More Security than we assume and always try to make better. I am explaining one of the security of magento is Secret Key in Urls.

Whenever we open magento back-end we show security key existed in url. if we try to obtain remove key and enter it will always redirect to dashboard. it will check each and every time new url will call.

I am explaining how we can enable/disable security key from admin section but it is highly recommend always security key should be configured as yes.

Go To > Store > Configuration > Advanced > Admin > Security > Add Secret Key to URLs







That's It...!!! Have A Nice Day...!!!

Experienced Magento Certified Developer with a demonstrated history of working in the information technology and services industry. Skilled in SQL, PHP, XAMPP, jQuery, and Microsoft Office. Strong engineering professional with a Master of Computer Applications

0 comments:

Post a Comment

Popular Posts

Have You Any Questins Let Us Know.

Contact Us
DENISH VACHHANI
Ahmedabad India