check basic shop security

[hpvd]

This debug extension is very helpful!! With the "system setup check" and it's comparison of "optimal" and "actual" values even non advanced users have the possibility to ask their admin/programmer the right questions...

To make it even better one could think of implementing some kind of security check in same way.

Some first ideas for security-checks:

• using latest magento version
• default backend url is changed
• ssl is used for checkout/customer account
• ssl is used for admin backend
• ssl is used complete shop
• not all backend user have complete admin rights
• admin acess is restricted to special IP
• sftp is used (http://www.magentocommerce.com/knowledge-base/entry/how-to-set-up-and-run-paypal-settlement-reports/)
• could one get the date when the passwords of admins were changed the last time?
• ...