DashNex Security Checklist: Protect Your Store in 15 Minutes

Mike Holownych
#dashnex #security #e-commerce #tutorial

Quick answer: 6 essential security steps take 15 minutes and protect you from 95% of common attacks.

Here’s your checklist.

Why Security Matters for Small Stores

The numbers:

  • 43% of cyber attacks target small businesses
  • Average cost of a breach: $200,000
  • 60% of small businesses close within 6 months of an attack

Good news: Basic security is easy and free.

Security Checklist (15 Minutes)

✅ Step 1: Enable SSL Certificate (2 minutes)

What it does: Encrypts data between customer and your server.

In DashNex:

  1. Go to Settings → Domain
  2. Click “Enable SSL”
  3. Wait 2-5 minutes for activation
  4. Verify: URL shows https:// with padlock icon

Cost: Free (included with DashNex)

Why it matters:

  • Google ranks HTTPS sites higher
  • Browsers warn customers about non-HTTPS sites
  • Required for payment processing
  • Protects customer data

✅ Step 2: Strong Admin Password (1 minute)

Current password weak? Change it now.

Strong password requirements:

  • 16+ characters
  • Mix of uppercase, lowercase, numbers, symbols
  • No dictionary words
  • Unique to this site

Good example: K9!mPq#7nX2vL@4wR Bad example: dashnex2025 or MyStore123

Pro tip: Use a password manager (free options: Bitwarden, 1Password)

In DashNex:

  1. Settings → Account
  2. Change Password
  3. Save new password in password manager

✅ Step 3: Enable Two-Factor Authentication (3 minutes)

What it does: Requires phone code + password to login.

Setup with Google Authenticator:

  1. Install Google Authenticator app (free)
  2. DashNex: Settings → Security → Enable 2FA
  3. Scan QR code with app
  4. Enter 6-digit code to verify
  5. Save backup codes securely

Important: Store backup codes offline (printed or in password manager).

Why it matters: Even if password is stolen, attacker can’t login without your phone.

✅ Step 4: Regular Backups (5 minutes setup, automatic after)

What to backup:

  • Product database
  • Customer list
  • Order history
  • Store settings

Backup strategy:

Option 1: Manual exports (free)

  1. Export products (DashNex → Products → Export CSV)
  2. Export customers (Customers → Export CSV)
  3. Export orders (Orders → Export CSV)
  4. Store in Google Drive/Dropbox
  5. Repeat weekly

Option 2: Automated with n8n (recommended)

Create n8n workflow:

Schedule (Weekly, Sunday 2am)
→ Export DashNex data via API
→ Upload to Google Drive
→ Delete backups >30 days old

Cost: $0 (if you run n8n)

Restore time: 30 minutes if disaster strikes

✅ Step 5: Payment Security (2 minutes)

Use trusted payment processors:

  • ✅ Stripe (PCI compliant, fraud detection)
  • ✅ PayPal (buyer protection, secure)
  • ✅ Braintree (Stripe alternative)

Never:

  • ❌ Store credit card numbers yourself
  • ❌ Email credit card info
  • ❌ Screenshot payment details

DashNex handles this correctly: Payment data goes directly to Stripe/PayPal, never stored on your server.

Enable fraud detection:

  1. Stripe Dashboard → Radar → Enable
  2. Set risk threshold: Medium
  3. Review flagged orders before fulfilling

Cost: Free (built into Stripe)

✅ Step 6: Monitor for Suspicious Activity (2 minutes)

Set up alerts:

In DashNex:

  1. Enable email notifications for:
    • New orders over $500
    • Multiple failed login attempts
    • Password changes
    • Refund requests

In Stripe:

  1. Enable notifications for:
    • Disputed payments
    • High-risk orders
    • Unusual activity

Check weekly:

  • Failed login attempts (Settings → Security Log)
  • Refund rate (should be less than 2%)
  • Chargebacks (should be less than 0.5%)

Additional Security Measures (Optional)

Customer Data Protection

Only collect what you need:

  • Name, email, shipping address: ✅ Required
  • Phone number: Optional (for shipping updates)
  • Birthday, personal info: ❌ Don’t collect unless necessary

In DashNex: Settings → Privacy → Minimize data collection

Secure Your Email

Your admin email is a vulnerability:

  • Use strong password
  • Enable 2FA on email account
  • Use business email (not personal Gmail)

Why it matters: Password reset emails go here. If email is compromised, attacker can reset your store password.

Regular Software Updates

Keep DashNex updated:

  • Check for updates: Settings → Updates
  • Apply security patches immediately
  • Enable auto-updates if available

Why it matters: Updates patch security vulnerabilities.

Employee Access Control

If you have team members:

  • Give minimum necessary access
  • Use separate accounts (don’t share passwords)
  • Revoke access immediately when someone leaves
  • Review access quarterly

Red Flags to Watch For

Signs of compromise:

  • ⚠️ Unknown orders or refunds
  • ⚠️ Products changed without your knowledge
  • ⚠️ Unusual traffic spikes
  • ⚠️ Customer complaints about spam emails “from you”
  • ⚠️ Password reset emails you didn’t request

If you see these: Change password immediately, check recent activity, contact DashNex support.

Security vs Convenience

Bad convenience tradeoffs:

  • ❌ “Remember me” on shared computers
  • ❌ Same password for multiple sites
  • ❌ Disabling 2FA because it’s annoying
  • ❌ Auto-approving all orders without review

Good convenience tradeoffs:

  • ✅ Password manager (secure + convenient)
  • ✅ Biometric login on your phone
  • ✅ Trusted device list for 2FA

Cost Summary

Total cost for basic security: $0

Security MeasureCostTime
SSL CertificateFree2 min
Strong PasswordFree1 min
Two-Factor AuthFree3 min
Manual BackupsFree5 min/week
Payment SecurityFree2 min
Activity MonitoringFree2 min/week

Optional upgrades:

  • Password manager premium: $36/year (worth it)
  • Automated backups (n8n): $60/year (hosting)
  • Advanced fraud protection: Included in Stripe

If You Get Hacked

Immediate steps:

  1. Change all passwords immediately
  2. Enable 2FA if not already active
  3. Review recent orders/changes
  4. Contact DashNex support
  5. Notify affected customers if data was compromised
  6. File police report if financial loss occurred

Prevention is easier than recovery.

Security Checklist Printable

□ SSL certificate enabled
□ Strong admin password set
□ Two-factor authentication active
□ Weekly backups scheduled
□ Payment processor fraud detection on
□ Email alerts configured
□ Security log reviewed monthly
□ All team access reviewed quarterly

FAQ

Q: Is DashNex secure out of the box?

Yes, for basic security. But you must enable SSL, use strong passwords, and keep software updated.

Q: Can I be hacked even with good security?

Yes, but it’s much less likely. Basic security stops 95% of attacks (automated bots, weak password guessing).

Q: Do I need to hire a security expert?

Not for a small store. Follow this checklist and you’re fine. Hire an expert if you’re processing $50K+/month.

Q: What about GDPR compliance?

DashNex handles basic GDPR requirements. Add:

  • Privacy policy page
  • Cookie consent banner
  • Data deletion on request

Q: Should I use Cloudflare?

Yes, if you’re getting DDoS attacks or want faster loading. Free plan is sufficient for most stores.

Related articles:

About the author: I’m Mike Holownych, an automation consultant who helps entrepreneurs secure their online businesses. Learn more →

MH

About Mike Holownych

I help entrepreneurs build self-running businesses with DashNex + automation. n8n automation expert specializing in e-commerce, affiliate marketing, and business systems.

Learn more → Get in touch →

Download Free Workflows

Get production-ready n8n workflows to automate your business.

Need Custom Automation?

I build custom n8n workflows for your specific business needs.