MageDispatch.com - The latest in Magento land

NGINX - Polyshell blocker

NGINX config to block the Polyshell upload exploit at the edge, denying API and media paths regardless of location rules. Includes allowlisting, Hypernode/Maxcluster setup steps, and commands to scan affected paths and logs.

https://gist.github.com/JeroenBoersma/d5c33066d7b0a7c69736a3d0f67ac9b1

#nginx #security #polyshell #rest-api

07 Apr 2026

Claude Code Skills for Store Operations

Ready-to-use Claude Code skills to look up orders, check inventory, manage customers, update products, and run reports by calling your store’s REST and GraphQL APIs with curl. Includes quick-start installation, required env vars, example commands, and safety checks that ask for confirmation before write operations.

https://github.com/magendooro/magento-claude-skills

2

7

#ai-tools #rest-api #graphql #cli

07 Apr 2026

Passkey Authentication for Customer Accounts (WebAuthn/FIDO2)

Adds passwordless customer sign-in with passkeys via WebAuthn/FIDO2. Exposes REST APIs and UI widgets for registration, login, and credential management, with safeguards like anti-enumeration, rate limiting, sign-count validation, and token-based sessions.

https://github.com/mage-os-lab/module-passkey-auth

2

12

#webauthn #passkey #authentication #rest-api #Mage-OS

07 Apr 2026

rest-api

NGINX - Polyshell blocker

Claude Code Skills for Store Operations

Passkey Authentication for Customer Accounts (WebAuthn/FIDO2)

The latest about Magento in your mailbox?