Real-time Protection for Magento
Protect your store from all known Magento attacks. Save thousands in developer time. Avoid downtime and instability from rushed patching.
Unlike traditional WAFs that rely on generic rules, Sansec Shield deeply integrates with Magento and benefits from Sansec's famous expertise in Magento security. This makes our WAF the most effective solution to protect your Magento store.
Hack Protection Guarantee
We guarantee your store won't be hacked while Shield is active. See FAQ below for guarantee conditions and requirements.
Postpone patches — or skip altogether
No more emergency weekend deployments or rushed fixes that could break your store.
Instant Threat Protection
Block critical vulnerabilities as soon as they're discovered. Our threat intelligence network detects and stops emerging attacks.
Installation
The Shield composer module requires Magento 2.3+, PHP 7.2+ and a Sansec Advanced or Enterprise license key.
# For Composer 1 only (legacy support)
composer config repositories.sansec-shield vcs https://github.com/sansecio/magento2-module-shield.git
# Install Shield module (works with Composer 1 & 2)
composer require sansec/magento2-module-shield
# Configure Magento
bin/magento setup:upgrade
bin/magento config:set sansec_shield/general/license_key YOURKEY
bin/magento cache:clean
# Sync protection rules
bin/magento sansec:shield:sync-rulesTest it by visiting your store and add ?SANSEC-SHIELD-TEST to your URL.
You'll see your first blocked attack appear instantly on your Shield Dashboard.
Shield vs Adobe Fastly WAF
| Sansec Shield | Adobe Fastly WAF | |
|---|---|---|
| Origin Protection | ✅ Bypass not possible | ❌ CDN, bypass possible Direct integration with your application provides superior protection compared to CDN WAF solutions, which can be bypassed if attackers discover your origin servers. |
| Response Time to New Threats | ✅ Minutes | ❌ Weeks Adobe Commerce WAF is updated irregularly. When the CosmicSting bug was published on June 11th, Adobe did not implement WAF filters until 5 weeks later. Mass-attacks had been ongoing by then and dozens of Adobe Commerce stores got hacked. |
| Performance Impact | ✅ 0 ms | ❌ 1.5 - 20 ms |
| Setup Complexity | ✅ Simple Module Install | ❌ Complex Setup |
| False Positives | ✅ None | ❌ Yes |
| Filtering Transparency | ✅ Full Open Source | ❌ Mostly Closed Source |
| Supports | Adobe Cloud, Adobe Commerce, Magento Open Source | Adobe Cloud only |
Save Thousands in Dev Costs
Each patch takes a day. Shield protects you while you postpone — saving up to $5,000/year per store.
Magento-Exclusive Protection
Generic WAFs miss platform-specific threats. Shield doesn't — we know Magento better than anyone.
Built for Stability
No more rushed updates, staging bugs, or patch regressions. Shield keeps your stack calm and secure.
Frequently Asked Questions
★Who can use Sansec Shield?
Sansec Shield is available for Adobe Commerce and Magento 2 stores with our Advanced plan or higher. Compatible with Magento Open Source and Adobe Commerce, including Adobe Cloud.
★Do I still need eComscan?
Yes. Sansec Shield protects against web traffic attacks, but attacks can come through other channels like compromised SSH accounts, hijacked devices, or non-Magento applications. Shield and eComscan work together to provide complete security coverage.
★We use Cloudflare WAF. Is Sansec Shield recommended and compatible?
Yes to both! Cloudflare is a generic WAF that doesn't cover Magento-specific attack vectors (like the recent CVSS 9.4 vulnerability). Keep Cloudflare in place - there's no downside to using both simultaneously.
★Does Sansec Shield impact store performance?
No. Shield has zero performance impact through efficient pattern matching, direct Magento cache integration, selective request analysis, and sub-millisecond processing times.
★How quickly are new threats added to protection rules?
Our global threat detection network identifies and distributes new protection rules within minutes of detecting attack patterns. All rules are automatically verified and deployed without manual intervention.
★How does Sansec Shield prevent false positives?
Shield only blocks actual attack probes - no secondary criteria like "suspect networks" or "suspicious user agents". Our Magento expertise means we know exactly what attacks look like. New detection rules are validated against hundreds of real stores before deployment.
★How quickly can we disable Sansec Shield?
No customer has ever needed to disable Shield, but if required, you can instantly disable it with this command (works on Adobe Cloud): bin/magento config:set sansec_shield/general/enabled 0
★What are the guarantee conditions?
When Sansec Shield is installed, we guarantee that your store will not be hacked, provided that:
- You have a valid Sansec Advanced or Enterprise license and run a supported version of Magento (v2.3+)
- You are running the latest version of the Sansec Shield module.
- You have changed your admin and database credentials since any previous attack
- You enforce multi-factor authentication for staff accounts
Our guarantee does not cover any third party applications (such as Wordpress) that are running on the same server.
