It is very often that we take a site from another firm and now we are stuck with a conglomeration of code and potentially dozens of people who have worked on a site. I am looking for a punch list of items to ask of a security person to ensure the Magento site is hardened. This would be required if someone were to take full responsibility for all the code and the client did not want to rebuild from scratch.
My question: Is there a top 10 or top 20 list of items to ask and to document?
Best Answer
From my experience, these are important things to get information about when taking over a new shop from a security point of view. This list is not ordered & complete yet, I will continue to work on the list.
Magento Security
System Security
Organisation