To support our customers during COVID-19 pandemic, we had introduced many
offers and discounts
to help your ecommerce businesses. Learn more

Add Secret Key to URLs in Magento 2

Add Secret Key to URLs in Magento 2

Threatpost reported a story about a remote code execution vulnerability with Magento 2 Enterprise and Community software.

Magento is committed to delivering superior security to clients and has been actively investigating the root cause of the reported issue.

To reduce potential attacks in magento 2 do following steps.

1. Logon to Merchant Site Admin URL (e.g., your
2. Click on Stores > Configuration > ADVANCED > Admin > Security > Add Secret Key to URLs
3. Select YES from the dropdown options
4. Click on Save Config

This problem will be automatically fixed in next version.

April 16, 2017
Did you like this post?