eComscan secures over 7,000 online stores
  • 30-day money back guarantee
  • Easy 5 minute install
  • Cancel any time
Get started in 5 minutes!
Secure your store today.
CLICK HERE

How to grant Sansec access to your store

  • 21st September 2023

    Support / Site audit

To perform an install, cleanup or forensic investigation of your system, please grant us temporary access to your (primary) production environment and log facilities. Ask your devops team or hosting partner to run these steps:

  1. Set up your firewall to allow our secure gateway IP 195.201.150.170

  2. Add our SSH public key to your webserver account (see below) and ensure correct permissions: chmod 700 ~/.ssh, chmod 600 ~/.ssh/authorized_keys

  3. Email us the server, user name and port to use for SSH at [email protected].

The use of SSH is by far the most secure method to grant access. It does not require sending over passwords over insecure channels, so nothing can be intercepted. To share access, please add our SSH public key to $HOME/.ssh/authorized_keys (make sure it ends up on one line):

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDSlrgyDEhQYmP1gihXTY/KlrDi6vUM+XlzEMlGSFglHhYRzmcB4l/LZgXDvfwXmvg+cr2wFRJJsq4G9H44qXkyVcn8h+f+rlWaMQNPlfqvdvQaFz/gJai/9hIf2WfmI5/zIF5uAzimTtz/ch9ur/23Qcic7dUeC4r6GASFFqR0Rt4zhCdOIdw2YU+5Jc2Xi7eWS3DD+Vko0j593CyMdn2iaQ1Vs2wivYvL57fd+lfNt+z2jOUOmkkOzcO4sVBZlVwVLrSYZIjHD6OcURA9j0ypwsneYAjNVBI+sjtnce/ZIncwyPSZ1oNTbImolwe1uK2zjjQSv1Gz4Z9lue1kS4LE4qba0+gnsGozbBPzAQ8v0aPr/uXDq96HCVUp8tPg/Evss3mA/AKvIKAduwVX+2Ia4h6W0jpQ103dncNF1ZdSBkbIi8NzIB+H3/nHkOfXa1jDXcudkmkXLwV1oClG4If6ZF6xet3Ao4KSgNsp6766rJPU3l9DZt86irTIMCjIRA0= sansec-gpg

The shared account should have at least read-access to all of the store’s files, database and web server access logs.

Are you running Magento Cloud? In that case, please add our Magento account [email protected] to your project, it will automatically deploy our SSH keys.

If you require a forensic analysis, please share answers to the following questions to speed up the investigation:

  1. What made you believe that your store has been compromised? Please share relevant dates and communication.
  2. Have you modified your system since the discovery? Please share recorded timestamps (creation + modification) for any files you may have (re-) moved. Please minimize code modifications until the investigation is completed, or valuable evidence may be erased.
  3. Have there been previous incidents and/or investigations?

This page was last updated at Jan 9th, 2023

Need expert advice?

We are here to help!

Get in touch