Make Magento 2 More Secure with a Simple Tweak

From time to time we have guest posts on the blog. Today’s post is from Konstantin Gerasimov at goivvy.com.

Magento 2 sites make their platform version public. You can visit ‘domain.com/magento_version’ and get a message like this:

Magento/2.4 (Community)

You can go to your site, append /magento_version and wonder why Magento developers team made it public.

I consider it a security risk and here is how to fix it.

All you need to do is to disable Magento_Version extension:

php bin/magento module:disable Magento_Version

You might want to recompile afterwards:

php bin/magento deploy:mode:set production

That’s it. No more Magento version being displayed on your website.  :)

About the author: Konstantin Gerasimov is a Magento certified developer with Goivvy.com. He specializes in speed optimization, migration and general Magento support.

Looking for a web host that understands ecommerce and business hosting?
Check us out today!

Leave a Reply