Magento 2 Polyshell Vulnerability: Detection and Mitigation Guide
How to guide on checking if your Magento 2 store is safe from the Polyshell vulnerability. And guidance on how to patch and secure your site if it is not.
Sam James's Articles
Discover expert insights from Sam James on Architecture, CI/CD, Adobe Commerce, Artificial Intelligence, AI-Assisted Development. Stay updated with the latest trends, practical guides, and in-depth analysis in Magento & Ecommerce.
Adobe's Isolated Patch Strategy: A Community Response
Adobe's new monthly isolated patch approach for Magento creates maintenance burden. Here's how a community meta-package can help restore sanity to security patching.
Consolidating My Online Presence: Moving Blog and Docs to One Home
Why I’m consolidating my blog and documentation into my main site: reducing infrastructure, improving clarity, and strengthening my personal brand and SEO.
Strengthening Magento 2 Security in CI/CD Pipelines with Sansec Ecomscan
Learn how to integrate Sansec Ecomscan into Magento 2 CI/CD pipelines to detect malware, enforce security patches, and secure build artifacts. Step-by-step guides for GitHub Actions and Bitbucket Pipelines included.
AI Experiments for Frontend, SEO and UI Design
I rebuilt small projects to test AI for frontend, SEO and UI. Here’s what helped, what broke, and how I’d use it again.
Cloudflare Outage November 2025 - Retrospective
Cloudflare accidentally took half the internet down for half a day, right before Black Friday. What can we learn from this, and how can we engineer more resilient infrastructure to survive similar outages in the future?
Check if your Magento site is safe from Session Reaper (CVE-2025-54236)
How to guide on checking if your Magento 2 store is safe from the Session Reaper (CVE-2025-54236) exploit. And guidance on how to patch and secure your site if it is not.
How to efficiently patch Magento 2 deployments at scale
Approaches to simply deploying patches across a large inventory of Magento 2 deployments
Verbose Magento 2 DB Schema Status
Ever found yourself wondering why a store required downtime to deploy? Or even the case where `setup:db:status` constantly reports `Declarative Schema is not up to date` despite you just update it?
Is Self-Hosting Sentry Hard? A One-Year Real-World Review
Is self-hosting Sentry difficult or expensive? After running it in production for a year, here’s what we learned about setup complexity, maintenance, and real-world costs.