{"id":6487,"date":"2023-03-27T12:43:47","date_gmt":"2023-03-27T12:43:47","guid":{"rendered":"https:\/\/www.ycrsoft.com\/blog\/?p=6487"},"modified":"2023-04-06T13:25:08","modified_gmt":"2023-04-06T13:25:08","slug":"magento-2-icin-temel-guvenlik-tuyolari","status":"publish","type":"post","link":"https:\/\/www.ycrsoft.com\/blog\/magento-2-icin-temel-guvenlik-tuyolari\/","title":{"rendered":"Essential Security Tips for Magento 2"},"content":{"rendered":"<section class=\"av_textblock_section \"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock  '   itemprop=\"text\" ><p>Essential Security Tips for Magento 2:<\/p>\n<div id=\"attachment_6488\" style=\"width: 762px\" class=\"wp-caption alignnone\"><img aria-describedby=\"caption-attachment-6488\" class=\"wp-image-6488 size-full\" src=\"https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-1.jpgs_.jpg\" alt=\"Essential Security Tips for Magento 2\" width=\"752\" height=\"334\" srcset=\"https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-1.jpgs_.jpg 752w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-1.jpgs_-300x133.jpg 300w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-1.jpgs_-705x313.jpg 705w\" sizes=\"(max-width: 752px) 100vw, 752px\" \/><p id=\"caption-attachment-6488\" class=\"wp-caption-text\">Essential Security Tips for Magento 2<\/p><\/div>\n<p>Face it: security must be an integral part of any online business process. 
As a merchant you know first-hand that <a href=\"https:\/\/www.ycrsoft.com\/blog\/magento-web-sitesi-bakimi\/\">websites, and e-commerce sites<\/a> in particular, are under threat 24\/7, 365 days a year.<\/p>\n<blockquote>\n<p>Retail is predicted to be one of the top 10 most attacked industries for 2019-2022<\/p>\n<\/blockquote>\n<p>Who is next? Perhaps you\u2026 Or do you really believe that Magento 2 is an exception? Unfortunately, it is not.<\/p>\n<blockquote>\n<p>As of 2020, there are more than 250,000 active e-commerce sites powered by Magento, which accounts for about 12% of all online stores.<\/p>\n<\/blockquote>\n<p>Compared with other e-commerce solutions, Magento has been one of the most widely used platforms for years. Its technical capabilities cover not only the needs of e-commerce startups but also the demands of larger businesses and retail giants.<\/p>\n<p>This fact makes the platform an attractive target for attackers. That is why we raise the subject and walk you through the native Magento 2 security features and essential security tips.<\/p>\n<h2>Essential security tips for Magento 2<\/h2>\n<h3>Use the security scan<\/h3>\n<p>Run <a href=\"https:\/\/www.ycrsoft.com\/blog\/wordpress-5-7-1-guvenlik-guncellemesi-yayinlandi\/\">Magento Security<\/a> Scan sessions on schedule. 
This free tool tests your store against known vulnerabilities and informs you about relevant security patches.<\/p>\n<p>Also review the security best practices on how to protect the environment and <a href=\"https:\/\/www.ycrsoft.com\/blog\/magento-temalari-nasil-olusturulur-magento-ile-istediginiz-temayi-olusturabilirsiniz\/\">Magento<\/a>, and on which signs may point to attack attempts.<\/p>\n<p>Here you can find the settings you need to make to protect your admin panel from malicious activity.<\/p>\n<h3>Use frontend\/backend CAPTCHA and Google reCAPTCHA<\/h3>\n<p>Starting with version 2.3+, Magento lets you set up CAPTCHA for both the frontend and the backend of your store to make sure that it is a human who is attempting to access your website.<\/p>\n<p>In addition, Google reCAPTCHA is now available in Adobe Commerce. 
Google reCAPTCHA can provide enhanced security with a choice of display options and methods.<\/p>\n<h3>Use two-factor authentication<\/h3>\n<p>In version 2.3 the feature is disabled by default; in version 2.4+ it is mandatory. Authentication is provided only for store administrators and does not cover customers.<\/p>\n<ol>\n<li>To set up the use of Magento 2FA authentication keys, go to <strong>Stores > Settings > Configuration<\/strong>.<\/li>\n<li>Under the <strong>Security<\/strong> tab, choose <strong>2FA<\/strong>.<\/li>\n<li>Expand the <strong>General<\/strong> section and <strong>select<\/strong> your Provider.<\/li>\n<li>Complete your provider's settings according to the documentation.<\/li>\n<li>Save.<\/li>\n<\/ol>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<h3>Essential Security Tips for Magento 2: Use strong passwords<\/h3>\n<ul>\n<li>Replace the default admin URL key (https:\/\/yoursite.com\/backend or https:\/\/yoursite.com\/admin) with a custom key.<\/li>\n<li>Use IP whitelisting (only specific IP addresses can access your admin panel) or VPN services.<\/li>\n<li>Change your passwords at least every three months.<\/li>\n<li>Give admin access to the users who really need it. Grant access only to the admin tabs required for the job, and configure admin roles. And never share one account among several users.<\/li>\n<\/ul>\n<h3>Use advanced admin access permissions<\/h3>\n<p>In <a href=\"https:\/\/www.ycrsoft.com\/blog\/magento-acik-kaynagin-gelecegi\/\">Magento 2<\/a> Commerce you can set scopes per website\/store view. That way, a user has permission to see the data related to a specific website\/store view. It also logs the actions of admin users.<\/p>\n<h2>5 MAGENTO 2 VANILLA SECURITY FEATURES<\/h2>\n<p>With the mass migration to the new 2.4+ version and the large number of vulnerabilities detected, the Magento Security Center regularly releases <a href=\"https:\/\/www.ycrsoft.com\/blog\/web-site-guncellik-ve-guvenlik-iliskisi-ycrsoft\/\">security patches and updates<\/a> for the essential admin configurations we discuss here today.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<h3><span id=\"1_Strong_data_encryption\">#1 STRONG DATA ENCRYPTION<\/span><\/h3>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<p>Strong data encryption is one of the well-known Magento 2 security features. It is available in both the Magento Commerce and the Magento Open Source editions and centers on <strong>using a strong encryption key to protect passwords and other sensitive information<\/strong>.<\/p>\n<p>All sensitive information is <strong>encrypted with the AES-256 algorithm<\/strong>. This confidential data, which has to be decrypted again, includes credit card information and payment and shipping module passwords. The remaining information does not require decryption and is therefore <strong>hashed with strong SHA-256<\/strong>.<\/p>\n<p>When installing Magento, you can let the platform generate an encryption key or enter your own. The <strong>Magento Encryption Key tool<\/strong> lets you set a key whenever you need to.<\/p>\n<p>To improve the security of your store, the key should be changed regularly, for example whenever the original key may have been compromised. When the encryption key is changed, all confidential information is <strong>re-encrypted<\/strong>.<\/p>\n<h4><span id=\"How_to_change_the_original_encryption_key_for_Magento_2_security\">HOW TO CHANGE THE ORIGINAL ENCRYPTION KEY FOR MAGENTO 2 SECURITY?<\/span><\/h4>\n<p>To change the encryption key, make sure the following file is writable: <strong>[your store]\/app\/etc\/env.php<\/strong>.<\/p>\n<ul>\n<li>Log in to the <strong>Admin<\/strong> Panel and go to <strong>System > Other Settings > Manage Encryption Key<\/strong>;<\/li>\n<li>Choose whether to generate the key automatically or to use your own key;<\/li>\n<li>For the first option, set <strong>Auto-generate a Key<\/strong> to <strong>&#8220;Yes&#8221;<\/strong> and click the <strong>Change Encryption Key<\/strong> button;<\/li>\n<li>To use a different key, set <strong>Auto-generate a Key<\/strong> to <strong>&#8220;No&#8221;<\/strong>. Then enter the key you want to use in the New Key field and click the <strong>Change Encryption Key<\/strong> button.<\/li>\n<\/ul>\n<p>Once this is done, the new key is added. Keep a record of the new key in a secure place, because you may need it to decrypt data if anything goes wrong with your files.<\/p>\n<p>\u2192 See how to generate a Site\/Secret Key<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<h3><span id=\"2_Session_Validation\">#2 SESSION VALIDATION<\/span><\/h3>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<p><strong>As a protective measure against possible session attacks or attempts to poison\/hijack user sessions, Magento 2 Open Source offers validation of session variables<\/strong>.<\/p>\n<p>These settings determine <strong>how session variables are validated during each store visit<\/strong> and whether the session ID is included in the store URL. Validation checks that visitors are who they say they are by comparing the value of the validation variables with the session data already stored for the user in $_SESSION.<\/p>\n<p>Validation fails if the information is not transmitted as expected and the corresponding variable is empty. If a session variable fails validation, <strong>the customer session is terminated immediately<\/strong>.<\/p>\n<p><strong>Enabling all validation variables can help prevent attacks<\/strong>, but it can also affect server performance. By default, validation of all session variables is disabled. You therefore need to experiment with the settings to find the best combination for your Magento installation. Enabling all validation variables can be too restrictive and may block access for customers whose Internet connections pass through a proxy server or come from behind a firewall.<\/p>\n<p>If you use the default Magento 2 session storage, your session files are located in the following directories:<\/p>\n<ul>\n<li><strong><magento_root>\/var\/session<\/strong><\/li>\n<li>the directory defined in the <strong>env.php<\/strong> file<\/li>\n<li>the directory configured in the <strong>php.ini<\/strong> file<\/li>\n<\/ul>\n<h4><span id=\"How_to_change_Session_Validation_Settings_in_Magento_2\">HOW TO CHANGE SESSION VALIDATION SETTINGS IN MAGENTO 2?<\/span><\/h4>\n<p>Magento 2 has the following session types:<\/p>\n<ol>\n<li><strong>Magento\\Backend\\Model\\Session<\/strong>, used for the backend<\/li>\n<li><strong>Magento\\Catalog\\Model\\Session<\/strong>, used for catalog filters<\/li>\n<li><strong>Magento\\Checkout\\Model\\Session<\/strong>, used for checkout<\/li>\n<li><strong>Magento\\Customer\\Model\\Session<\/strong>, used for customer accounts<\/li>\n<li><strong>Magento\\Newsletter\\Model\\Session<\/strong>, used for newsletter data.<\/li>\n<\/ol>\n<p><img class=\"alignnone size-full wp-image-6489\" src=\"https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-4-1.jpg\" alt=\"\" width=\"1900\" height=\"949\" srcset=\"https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-4-1.jpg 1900w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-4-1-300x150.jpg 300w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-4-1-1030x514.jpg 1030w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-4-1-768x384.jpg 768w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-4-1-1536x767.jpg 1536w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-4-1-1500x749.jpg 1500w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-4-1-705x352.jpg 705w\" sizes=\"(max-width: 1900px) 100vw, 1900px\" \/><\/p>\n<ul>\n<li>After logging in to the <strong>Admin Panel<\/strong>, go to <strong>Stores > Settings > Configuration > General > Web > Session Validation Settings<\/strong>:<\/li>\n<\/ul>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<ul>\n<li>Choose how to set the following variables:<\/li>\n<\/ul>\n<div class=\"et-custom-list\">\n<ul>\n<li>Set <strong>Validate REMOTE_ADDR<\/strong> to <strong>&#8220;Yes&#8221;<\/strong> if you want to verify that the IP address of a request matches the one stored in the $_SESSION variable;<\/li>\n<li>Set <strong>Validate HTTP_VIA<\/strong> to <strong>&#8220;Yes&#8221;<\/strong> to verify that the proxy address of an incoming request matches the one stored in the $_SESSION variable;<\/li>\n<li>Set <strong>Validate HTTP_X_FORWARDED_FOR<\/strong> to <strong>&#8220;Yes&#8221;<\/strong> if you want to verify that the forwarded-for address of a request matches the one stored in the $_SESSION variable;<\/li>\n<li>Set <strong>Validate HTTP_USER_AGENT<\/strong> to <strong>&#8220;Yes&#8221;<\/strong> to verify that the browser or device used to access the store during a session matches the one stored in the $_SESSION variable.<\/li>\n<li>Set <strong>Use SID on Storefront<\/strong> to <strong>&#8220;Yes&#8221;<\/strong> if you want a user to stay logged in while switching between stores.<\/li>\n<\/ul>\n<\/div>\n<p>If you use the SID together with analytics, configure your analytics software to filter the SID out of URLs so that page visit counts are accurate.<\/p>\n<ul>\n<li>To remove the SID from Magento 2 URLs, go to <strong>Stores > Configuration > General > Web<\/strong> and expand the <strong>Session Validation Settings<\/strong> section.<\/li>\n<li>Set the <strong>Use SID on Storefront<\/strong> field to <strong>No<\/strong>.<\/li>\n<li>Then reindex your Magento and refresh the cache; the SID will be removed from Magento 2 URLs.<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<h3><span id=\"3_Cookie_Validation\">#3 COOKIE VALIDATION<\/span><\/h3>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<p>An HTTP cookie is a small packet of data sent from a web server to the user's web browser to carry data from one page to the next. It is needed because HTTP is a stateless protocol.<\/p>\n<p>Because of security issues such as <strong>the growing number of cookie poisoning and theft incidents<\/strong>, a new, secure type of cookie is in use today. The cookie is transmitted over an encrypted HTTP connection. When this type is set, the secure attribute determines how the browser returns the cookie to the application (only over the encrypted connection).<\/p>\n<p>However, the secure attribute does not protect the cookie while it is being transmitted from the application to the browser. To protect the cookie fully, the <strong>HttpOnly and SameSite attributes<\/strong> must also be applied. The HttpOnly attribute prevents cookies from being accessed by JavaScript, while the SameSite attribute allows cookies to be sent to the application only if the request originates from the same domain. By default, Magento checks whether HTTPS is enabled and sets the secure flag automatically.<\/p>\n<p>The General Data Protection Regulation, which came into force in 2018, requires that any collection of personal data be transparent, secure, and carried out with the users' consent. We developed this GDPR extension to help you meet the requirements and avoid fines. We also developed a separate LGPD extension to help merchants who sell products in Brazil comply with the Brazilian General Data Protection Law, which came into force in August 2020.<\/p>\n<p>Use this CCPA extension to comply with the California Consumer Privacy Act.<\/p>\n<h4><span id=\"How_to_enable_HttpOnly_flag_for_cookie_in_Magento_2\">HOW TO ENABLE THE HTTPONLY FLAG FOR COOKIES IN MAGENTO 2?<\/span><\/h4>\n<p>If you want to apply the HttpOnly flag, you can do so through the backend by changing the default cookie settings.<\/p>\n<ul>\n<li>Log in to the <strong>Admin Panel<\/strong> and go to <strong>Stores > Settings > Configuration > General > Web > Default Cookie Settings<\/strong>:<\/li>\n<\/ul>\n<div id=\"attachment_6490\" style=\"width: 1911px\" class=\"wp-caption alignnone\"><img aria-describedby=\"caption-attachment-6490\" class=\"wp-image-6490 size-full\" src=\"https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-6.png\" alt=\"Magento 2 Security Features\" width=\"1901\" height=\"887\" srcset=\"https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-6.png 1901w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-6-300x140.png 300w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-6-1030x481.png 1030w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-6-768x358.png 768w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-6-1536x717.png 1536w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-6-1500x700.png 1500w, https:\/\/www.ycrsoft.com\/blog\/wp-content\/uploads\/2023\/03\/Untitled-6-705x329.png 705w\" sizes=\"(max-width: 1901px) 100vw, 1901px\" \/><p id=\"caption-attachment-6490\" class=\"wp-caption-text\">Magento 2 Security Features<\/p><\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<ul>\n<li>Set the <strong>Use HTTP Only<\/strong> field to <strong>&#8220;Yes&#8221;<\/strong> if you need all cookies to include the HttpOnly directive.<\/li>\n<\/ul>\n<p>Once the setting is enabled, all HttpOnly cookies are inaccessible to scripts in the browser and therefore cannot be stolen through XSS.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<h3><span id=\"4_CSRF_protection\">#4 CSRF PROTECTION<\/span><\/h3>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<p>Incidents involving CSRF (Cross-Site Request Forgery, or XSRF) were not rare in 2017, owing to the clever use of common cross-platform vulnerabilities in security breaches of Magento 2. 
As a result, the Magento advisory DC-2017-04-003 urged merchants to <strong>use the Add Secret Key to URLs configuration to protect against CSRF attacks<\/strong>.<\/p>\n<p>While the key is enabled by default in Magento 2, many admin users underestimated <strong>the importance of the change<\/strong> and suffered unpleasant consequences. If an experienced attacker somehow obtains your form key, a CSRF attack can be mounted on any form without password confirmation.<\/p>\n<p>One method available to attackers is to parse the admin dashboard page for the secret keys of other pages until the required one is found. Often, attackers force an action on the vulnerable site to be carried out on the victim's behalf: changing the password, the secret question for password recovery, the email address, and so on.<\/p>\n<p>However, security features such as <strong>an additional token<\/strong> are implemented by the platform developers to protect against such attacks. This means that <strong>a randomly generated 16-character alphanumeric string, passed as the form_key parameter,<\/strong> is used as an additional CSRF token in all forms of the Admin Panel.<\/p>\n<p><strong>Example:<\/strong><br \/>\n<strong>normal URL fragment:<\/strong><br \/>\n<em>book_audio\/book_catalog\/recoverImage<\/em><br \/>\n<strong>Salted URL fragment (16-character alphanumeric string):<\/strong><br \/>\n<em>book_audio\/book_catalog\/recoverImageXXXXXXXXXXXXXXXX<\/em><\/p>\n<p>The additional token is generated automatically with every form that submits information, and again after the form has been submitted. The Magento 2 platform checks whether the submitted token matches the one stored in the session.<\/p>\n<p>If they match, the user for whom the form was generated and the user who submitted it are the same. If they do not match, the form is not processed any further and no information can be changed by an attacker.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<h3><span id=\"5_XSS_protection\">#5 XSS PROTECTION<\/span><\/h3>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"et_pb_section\">\n<div class=\"et_pb_row\">\n<div class=\"et_pb_column\">\n<div class=\"et_pb_text\">\n<p>An XSS vulnerability, which can occur in any web application, is typically used by attackers to inject malicious code into a web page that users visit. The main types of XSS vulnerability are:<\/p>\n<ul>\n<li><strong>Persistent XSS<\/strong>: unvalidated data is retrieved from the database or the backend persistent store;<\/li>\n<li><strong>Non-persistent XSS<\/strong>: data provided by a web client is used by server-side scripts to parse and display a page to a user without deeper validation;<\/li>\n<li><strong>DOM XSS<\/strong>: malicious data is reflected by JavaScript code on the client side without any interaction with the web server.<\/li>\n<\/ul>\n<p>For this reason, <a href=\"https:\/\/www.ycrsoft.com\/blog\/magento-2-yapilandirilabilir-urun-uzantilari\/\">Magento 2 extension developers<\/a> must avoid introducing vulnerabilities in their code.<\/p>\n<h4><span id=\"How_to_prevent_XSS_in_Magento_2\">HOW TO PREVENT XSS IN MAGENTO 2?<\/span><\/h4>\n<p>To prevent malicious code from being stored and executed, both user input and output must be validated and sanitized. Strings that may come from external data sources must be sanitized before they are sent to the browser and before they are processed further by templates.<br \/>\nMagento also now provides the Escaper class for escaping HTML output. 
It offers the following useful functions:<\/p>\n<div class=\"et-custom-list\">\n<ul>\n<li>the <strong>escapeHtml()<\/strong> function is applied to escape a string in HTML content;<\/li>\n<li>the <strong>escapeHtmlAttr()<\/strong> function is used to escape strings in HTML tag attributes;<\/li>\n<li>the <strong>escapeCss()<\/strong> function escapes strings in a CSS context;<\/li>\n<li>the <strong>escapeJs()<\/strong> function is used to escape strings in a JavaScript context;<\/li>\n<li>and the <strong>escapeUrl()<\/strong> function can be applied to escape strings that will be used in a URL.<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div><\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":6538,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1333],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v16.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Magento 2 \u0130\u00e7in Temel G\u00fcvenlik T\u00fcyolar\u0131 - Blog - YcrSOFT<\/title>\n<meta name=\"description\" content=\"Magento 2 i\u00e7in temel g\u00fcvenlik t\u00fcyolar\u0131, web sitesi korsanl\u0131klar\u0131n\u0131 ve sald\u0131r\u0131lar\u0131n\u0131 durduran bulut tabanl\u0131 bir WAF&#039;dir. 
\" \/>\n"}