Originally developed as part of a light industrial park, Hostdedi’ Southfield, MI facility was initially renovated by us back in 2010. As of today, it’s been running as a dedicated data center for four years.
And it’s a facility we’re very proud of. Today, we’d like to share that pride with you, courtesy of a new infographic. Read on for a preview of some of our facility’s vital stats. Read More »
The Magento eCommerce platform is at the center of a vibrant ecosystem of retailers, developers, designers, conferences, and Magento hosting providers. Like all ecosystems, Magento evolves, and it can be difficult for newcomers to the world of ecommerce to get to know all the parts and the role they play in building a successful ecommerce business.
In this article, we’re going to explain some of the terminology new ecommerce merchants need to understand before embarking on their journey with Magento.
First things first: what is Magento? Magento is a powerful open source eCommerce technology platform. It’s successfully used by retailers across industries worldwide, ranging from solo small business entrepreneurs to larger eCommerce merchants like ASUS, Ford, Wrangler, Silent Night, Harvey Nichols, Paul Smith, and Christian Louboutin.
Magento was initially released in March 2008 and has since grown to incredible proportions. There have been two main iterations of the platform, Magento 1 and Magento 2. One of the main reasons why eCommerce developers love Magento is due to its customizability and ability to scale with a growing business. Thousands of modules, themes, and extensions are available for Magento store developers, and custom functionality can also be included. There are also two different versions of Magento — Magento Open Source and Magento Commerce — depending on the size of your business and your eCommerce store needs. See more details and differences between the two versions version below.
Magento Open Source is a free version of Magento that includes several of the same features as Magento Commerce. Until recently, Magento Open Source was known as Magento Community Edition.
Magento Commerce was originally released in 2007 as a public beta version. The full version was released in 2008. Because Magento Open Source is built on open source technology, developers are not locked into the software they are provided. They can make changes to the application and incorporate other technologies as well. This means that developers can mold Magento Open Source into something that’s customized to meet to their needs — this is something developers aren’t as free to do with Magento Commerce.
There’s an impressive base feature set with Magento Open Source, yet where it really shines is in the additional features offered through the countless extensions currently available. Right now, there are more than 3,400 extensions available in the Magento Marketplace.
To use Magento Open Source, retailers can choose a Magento hosting provider, which will provide the servers, bandwidth, and support a retailer needs to build their eCommerce store. This also allows for retailers to focus on their business, and leave background processes to someone else.
Image credit: Magento Commerce
At the heart of the Magento ecosystem is Magento Commerce, which is the company’s commercial version for developers. It’s an all-in-one cloud solution that includes support and additional features for enterprise retailers such as dedicated Magento account management.
The self-hosted version of Magento Commerce, previously known as Magento Enterprise Edition, was originally released in 2016. It has since grown to become a staple in the Magento community as bigger eCommerce businesses are looking for more functionality as their sites become more complex and they acquire a larger global presence.
If you’re an enterprise-level eCommerce business, Magento Commerce is likely the best platform for your online store.
There are several differences between the Open Source and Commerce editions of Magento to consider before deciding which version you need for your store, including:
| Features | Opensource | Commerce |
| Responsive eCommerce website | ✔ | ✔ |
| Promotions engine/product & catalog management | ✔ | ✔ |
| Checkout, payment, shipping & order management | ✔ | ✔ |
| Site management (admin) | ✔ | ✔ |
| ElasticSearch | ✕ | ✔ |
| Bluefoot CMS in 2.2 | ✕ | ✔ |
| Magento order management | ✕ | ✔ |
| Content staging & preview | ✕ | ✔ |
| Magento shipping | ✕ | ✔ |
| Out of the box (OOTB) B2B functionality (in v2.2) | ✕ | ✔ |
Magento is a complete eCommerce solution, but retailers can add extra functionality by installing Magento Extensions created by third-party developers. Magento Extensions extend or enhance the platform’s existing features. Hostdedi has created several Magento extensions, including the popular Turpentine extension for improved compatibility with Varnish, and Alarmbell, a Magento security extension. There are thousands of Magento extensions, both free and premium. Magento users should take care to only install extensions from reputable developers or marketplaces. If in doubt, check out the official Magento Marketplace, which we’ll discuss in a moment.
Magento themes are similar to extensions, except themes focus on the design of a site rather than on adding new functionality. Every Magento store uses a theme, and just like extensions, there are free themes, paid premium themes, and custom themes developed for specific retailers.
The Magento Marketplace is an officially supported repository of both extensions and themes you can add to your eCommerce store. Magento thoroughly vets all extensions and themes it distributes in their marketplace, so you can be sure that everything you find there is secure and useful.
Magento Marketplace isn’t the only trustworthy source of Magento extensions and themes, however. Many reputable developers have their own sites and stores that offer Magento extensions and themes as well. However, if you’re unsure of the quality of an extension or theme created for Magento that you find from another developer, check to see if it’s in the Magento Marketplace to make sure it’s been vetted.
Finally, Magento hosting: every eCommerce store needs a hosting provider. The hosting provider ideally takes care of the store’s connection to the internet, the server the Magento application and its database run on, and the support retailers need to provide a fast, personalized shopping experience to their users.
Hosting providers are of varying quality, and Magento requires specific conditions to provide the best performance and reliability. Choosing Managed Magento as your optimized hosting provider means you get the speed, security, and reliability you can rely on to successfully start your journey as an eCommerce retailer.
Ready for even more Magento optimization? Read our Definitive Guide for Optimizing Magento 2 to see how you can further optimize the performance of your Magento 2 store.
The last day has been one to remember. The acquisition of Magento by Adobe has been completed. The Magento community was abuzz as members began to once again revisit their expectations and hesitations. This was especially prominent on Twitter. Here’s how Twitter reacted following the news.
Read More »
Read More »
Thousands of new ecommerce businesses are launched every year and new online retailers have no shortage of options when it comes to picking a platform. Should you choose a hosted platform like Shopify or a self-hosted application like Magento or WooCommerce? Should you choose the simplest possible solution or one capable of growing with your business?
Used on about 2.3 million ecommerce stores around the world, WooCommerce is particularly friendly to new ecommerce merchants because it combines ease of use with incredible power, flexibility, and features.
Keep reading to learn:
When you are building your eCommerce business and want to invest in organic traffic through search engine optimization as a growth and marketing channel, the strategies might seem overwhelming.
Luckily, SEO at its core is not complicated. If you build on a platform that already takes SEO best practices into account, you can focus on the three major areas that can grow your organic traffic and therefore your business consistently over time.
SEO at a high level is comprised of three areas:
In this article I will cover technical SEO for your ecommerce store, and specifically ecommerce stores built on WordPress. Next time, we will cover keyword research and how that drives your ecommerce site’s SEO and conversions.
Technical SEO is important because it determines how well search engines can access and therefore rank your pages and website overall. While technical SEO due diligence is done proactively as your site grows, setting a solid foundation from the start is the best way to allow your ecommerce site to grow.
When thinking about technical SEO for ecommerce, take all of these into account even if you are not a web developer:
If you’ve never audited your ecommerce store from an SEO perspective, that is the first step.
Use a tool like Screaming Frog (free up to 500 URLs, above that it’s a 149GBP annual license fee) to crawl your full site to begin understanding where your largest areas of opportunity are. Screaming Frog gives you a lot of data, which you can then couple with technical and on-page SEO best practices:
The team over at SEER Interactive in Philadelphia and San Diego has a great guide to using Screaming Frog for SEO as well – http://www.seerinteractive.com/blog/screaming-frog-guide/
Search engine friendly URLs that contain your main keyword are one of the largest impact SEO-friendly features you can implement on your website. Fortunately, WordPress handles these well natively out of the box through Settings > Permalinks:
URLs like these reduce the chance of page duplication, are easy for search engines to crawl, and are easier for users to remember and type in.
A lot of non-professional SEOs have been told that meta tags matter for SEO. While this is true, once you’ve set the right systems in place, you can give yourself the gift of not thinking about certain SEO elements such as meta tags with a few tools.
WordPress using Yoast allows you to define Title and Meta Description formats so that your pages are automatically put into an SEO-friendly format as you create new categories or products on your site:
Page load time has become an increasingly important factor in site rankings. Outside of just SEO considerations, we’ve also learned that we lose 7% of conversions for every second of load time on a page.
Page speed affects both your site’s rankings and your conversions, so working on this is a very high impact undertaking.
The two best ways to do this on WordPress are:
eCommerce websites are notoriously image heavy and rightfully so – people want to see what they are buying before they buy.
Images can be a challenge for SEO because they can slow down your site. Since your website operates off of templates, like categories and product pages, you should look to only upload images in the sizes in which they are displayed.
For example, maybe you use a thumbnail image on category pages and a 600×800 image on product pages. In that case, instead of resizing one 1200×1800 image to the correct sizes using CSS you should instead save one 125×125 thumbnail and one 600×800 regular size image, then use them in their correct place.
At the scale of a few hundred to thousands of SKUs, this can save you a lot of load time.
Google’s Search Console is a fantastic free tool that helps you identify the errors happening on your website, as well as insight into the keywords driving traffic to your site and some free tools to help you optimize your site.
Search Console should always been installed on your site and connected to your Google Analytics account, because the data is invaluable.
The two main ways you should keep in mind to use Search Console for your ecommerce site are to monitor your site’s errors, especially dead pages appearing as 404s, and the parameters that the search engines discover that could cause you duplicate content issues.
Crawl > Crawl Errors will show you a graph of errors on your site as well as the top 1,000 affecting your site:
If you have a lot of pages returning a 404 error, fixing them can be a high impact SEO fix as well as a conversion lift because search engines will spend more time on your site, inbound links will be rerouted to pages that should rank, and users will be less likely to land on a broken page.
Most eCommerce websites use filters to help customers narrow search results to optimize for conversions. While filters can be useful, they can also cause SEO issues.
Most filtering systems use parameters to change the page’s URL to narrow products. In Search Console, you can see the list of parameters that the search engines have discovered on your site:
Within each you can tell Google what the parameter does (sorts, paginates, narrows) and from there how the search engine should treat it. In many cases you can just allow Google to decide, but if you notice that you are getting organic traffic to pages with parameters that then compete with your category pages for rankings, you can direct the search engines to just use one specific URL.
Technical SEO is an ongoing undertaking, and as your site grows you will constantly face new challenges. It is important to have monitoring in place to alert you to to issues on your site so that you can fix them, but also so that you can spend your time proactively growing your business instead of looking to see how your technical SEO is doing.
There are two ways to monitor your site, and I recommend implementing both:
Many people do not know that Google Analytics allows you to set up custom alerts that will tell you when something has happened on your website.
To access these, go to Admin > Property > Custom Alerts:
Within here, I set up alerts to notify me when organic traffic either increases or decreases by more than 20% week on week.
These allow you to rest easy and not be required to check often to make sure your traffic is steady and growing:
Alongside Analytics alerts, you should also pay for a subscription to a tool like Moz or SEMrush, which will crawl your website weekly and alert you to new issues on your site that need your attention:
Depending on the scale of these issues, you can either solve them then or wait to fix them until you have dedicated time.
If you choose the latter, implement a schedule of every month or two where you take a day to fix issues that have appeared over time. This will keep your website healthy and continually able to rank.
I hope this article has helped you understand technical SEO for your ecommerce site at a deeper level than before.
Next time we will talk about keyword research and how that drives your information architecture and ultimately your conversions.
Get more information like this delivered right to your inbox. Subscribe to our blog or follow us on Twitter.
Slow performance, down times, upgrades, migration, server changes. No, these aren’t Jeopardy categories for the “IT Tournament of Champions”. They’re just a few of the many technical issues and sources of frustration from running an eCommerce website that lead to decreased revenue.
Aside from costing you time and peace of mind, all these backend problems also cost you money in lost sales. Managed WooCommerce Hosting increases revenue — that’s where it brings the biggest value.
Here are 5 Ways Managed WooCommerce Hosting Increases Revenue and Makes You Profitable, and why you should try it today.
When it comes to selling anything on the internet, speed is the name of the game. When today’s customers navigate to your online store, they expect to find items they want to buy presented to them instantly. Page load problems are a revenue killer.
It’s estimated that for every one second it takes for your site to load, your conversion rate drops by 7 percent. An online store bringing in $1,000 per day could see more than $25,000 in missed sales every year — all because of one second!
To reach maximum page load times, you need a website host with the right server infrastructure. Your typical eCommerce platform puts multiple stores on one server to handle them all. That mixing of computational resources affects your website’s load times.
Managed WooCommerce Hosting isolates your website, monitoring performance and automatically adding resources as needed. When your site needs more CPU or RAM during a traffic spike, those resources arrive automatically without moving your site to a different server. That means faster load times and fewer downtimes.
Managed WooCommerce Hosting keeps more data flowing through your site and more money flowing into your account. There’s no more worrying whether your site is working at its maximum potential — it always will be.
As your business grows, so too will the size and complexity of your website. That’s where shared servers also create additional costs for website owners. Typical eCommerce platforms solve the problem of site expansion by upselling you to different plans, servers with fewer sites, or a dedicated server. Suddenly, that free or low upfront price has morphed into a big monthly bill that’s leaving you with unacceptable risk, downtime, and lost sales.
Managed WooCommerce Hosting uses a web server environment that’s elastic and scalable. It’s an infrastructure that easily expands your capacity without moving your website or taking it down. That means you don’t lose sales.
It’s like having a few kids and needing a larger house. Would it be cheaper and less hassle to move your family and all of your belongings? Or just have your builder add on a room or two while you stay put?
The only thing worse for sales than slow load times is a website that’s down. Today, enormous amounts of online revenue come from holiday shopping and special events.
In 2017, Cyber Monday officially became the largest online shopping day in U.S. history with $6.59 billion spent. However, not all retailers were able to take full advantage, because their websites crashed after being flooded with traffic.
With Managed WooCommerce Hosting, you can test your website before a major campaign or sales event. If problems do arise during tests, our team can identify problems, propose solutions, and implement the changes to ensure your website is up for the challenge.
Managed WooCommerce Hosting tests an offline version of your website first. Then, when everything is optimized and running smoothly, those same changes are applied to your live website, so there’s no downtime or lost sales.
Forward-looking store owners are finding ways to reach the 70 percent of customers who leave an item in their cart without purchasing it. Cart abandonment solutions increase revenue by re-engaging customers who were cued up to make a purchased but didn’t.
Managed WooCommerce Hosting increases revenue by helping you find and re-engage those folks by integrating Jilt — the cart abandonment SaaS — into your website platform. Jilt tracks precisely when cart abandonment occurs so you can segment and target customers with custom win-back emails. For example, if a segment of customers abandoned after calculating shipping costs, you could email them a free shipping offer.
Winning back just a fraction of the 70 percent of abandoned cart items can mean a significant boost in sales.
Barn2 is a successful eCommerce company that sells WordPress plugins. The owners discovered that 61 percent of customers left items in their carts. At an average value of $75 per abandoned cart, that rate represented a significant loss in sales. They decided to try Jilt to win back those purchases. In just a few months of running an email campaign, Barn2 achieved a 28.6 percent win-back rate that netted more than $3,000 in extra revenue.
More and more online store owners are realizing they’re missing sales opportunities by not utilizing their data enough. Those who do stand a better chance to increase sales. However, the process of transforming data into something useful is complex.
It’s one thing to capture data, and another to use it to find new sales opportunities, segment audiences, and track your store’s performance. Managed WooCommerce Hosting gives eCommerce store owners valuable, actionable data they need to make smart decisions.
Our managed service incorporates the eCommerce analytics tool Glew.io into your hosting account. Glew generates actionable data to track your customer acquisition costs, sales trends, and key performance indicators. With Glew.io, you can segment customers into groups that deliver more effective email campaigns. One example: You can segment “full-price” buyers from “discount” buyers — then send emails containing coupon offers only to the discount buyers.
Smart store owners use analytics reports on revenue data to quickly shift strategies and increase sales. Managed WooCommerce Hosting increases revenue by giving you insights into key metrics like:
With this data, you can drill down into a product’s performance — identifying where you’re spending too much on low-performing products and where you need to increase your ad spending to promote higher-grossing items.
You can also analyze products based on category, segments, and even SKUs. And with Managed WooCommerce Hosting reports, you can receive a monthly eCommerce report, weekly update, or daily performance snapshot. You’ll always know if you’re meeting your revenue goals.
Because Managed WooCommerce Hosting integrates Jilt and Glew.io right into your hosting plan, you no longer have to subscribe to them individually. Jilt and Glew.io’s monthly plans for SMB run $299/mo and $199/mo respectively, so there’s plenty of room for savings through consolidation. And if you’re not already subscribed to these powerful analytics tools, you’ll have them available from day one of your subscription to Managed WooCommerce Hosting. Adopt a platform that comes standard with the data tools you need to succeed and grow.
Managed WooCommerce Hosting increases revenue by giving you access to these five benefits straight from the box, which also saves you time and money. But there’s more to value than just price. Here’s another other blog article on the benefits of managed hosting.
Hostdedi offers numerous ways to reach out for support, ranging from chats, to tickets or phone calls. We have support technicians who know WordPress and WooCommerce. But we have more than that – we have the Most Helpful Humans in Hosting to advise and consult on any WordPress or WooCommerce needs you might have.
Our Managed WordPress Hosting and Managed WooCommerce Hosting platforms are supported by the Most Helpful Humans in Hosting and backed by the industry’s best guarantees. Our teams are available 24/7/365 to provide assistance on a wide array of requests relating to our Managed Platforms and the features we offer.
We work through queue-based support systems that enable us to handle requests in the order in which we receive them. However, if you have an urgent request, please reach out to our phone support or live chat for immediate assistance.
Our Managed WordPress Hosting and Managed WooCommerce Hosting platforms include industry-leading plugins and themes, tested and integrated to work seamlessly with your websites. Our experts can provide advice on how to configure and utilize these plugins. However, our experts only provide limited support for custom themes and third-party plugins. On a time available basis, our team can analyze logs and other errors and advise on the best course of action and alternate solutions.
Because we have fine-tuned our platform, some custom code may conflict with our Managed WordPress Hosting and Managed WooCommerce Hosting systems. While we will be happy to consult on these issues, modifying or developing code is best handled by your development team.
If a problem stems from a paid plugin or theme, the best channel to request support is with their developers directly. Free plugins and themes are supported directly via the WordPress.org forums. In all cases, our experts will be glad to recommend plugins and themes that are supported by best practices and can be integrated into our platforms.
You know your business and you know how you want to promote your message to your customers. Developing your website is critical in promotion to customers, and typically entails unique coding, customization of plugins, and data creation/management. Our team understands how important this process is to your success and can advise your development team. However, coding, debugging code, website design/development, search engine optimization (SEO) and plugin customization are outside the scope of support.
Once your website is developed, you need it to hum for your customers. Besides hosting your website on the latest technologies, our technicians can provide guidance on performance optimization for your WordPress sites and WooCommerce stores. While we do not provide optimization services, we have a wide range of consulting background that is at your disposal.
Keeping your website, data, and customers secure is critical to your success. As your partner, we ensure the data center infrastructure, platform hardware, and software are up-to-date and secure.
Every site on our Managed WordPress hosting platform has the core WordPress solution automatically updated within a day or two of it being released to the public. We test each version against our workloads and prepare it for broad deployment across our network (which is why it takes a day or two). Security updates are automatically deployed immediately across our network.
You have, within your management portal, the ability (for a short period of time) to delay WordPress updates if you know you have some code you need to refactor.
Our Managed WooCommerce Hosting platform does not automatically update your core WordPress solution. Instead, you can select when this change takes place so you have time to verify your WooCommerce site as well.
Additionally, note that you have the ability to have all of your plugins updated automatically using our visual regression features that look at your site before and after plugin updates to make sure nothing has changed (in a staging environment) and pushes changes to production.
Upon request, we can also consult with you and your developers on how we can secure your individual sites. However, due to the customizations and unique development you create for each website, individual site security is ultimately your responsibility. And because this platform is a shared environment, penetration testing is not allowed. Specific security scans against your website URL may be possible, once you have received permission via ticket.
Your Data is critical. In many cases, it may be your entire business. This is why you will never see our team touch your data. It is too important for us to take any action on. Unless we have your written direction, we will not delete your data or your code/development efforts.
In addition, optimizing your databases is vital. We can advise on database connectivity and performance issues, however, we do not troubleshoot queries, or add/delete data. For critical database issues, we recommend you contact a professional DBA.
Services that are handled outside of Hostdedi (for instance: DNS management, Security services, CDN services or Backup when provided by a third party) are not supported by our technicians. We will be glad to provide guidance when possible, but do not perform configurations or customizations with third-party services.
We have trusted specialists, partners, and agencies to assist with needs outside of our scope of support. For additional information on these providers, please contact our solutions team.
| Features | Hostdedi | Collaboration | Customer |
|---|---|---|---|
| Helpful humans available 24x7x365 via chat, ticket, and telephone | X | ||
| Platform hardware and infrastructure updates and security patching | X | ||
| Platform hardware, and website internal monitoring | X | ||
| Automatic updates to WordPress applications | X | ||
| Log analysis and conflict diagnosis | X | ||
| Website development and design | X | ||
| Plugin configuration and customization | X | ||
| Plugin conflicts with WordPress and WooCommerce applications | X | ||
| Search Engine Optimization | X | ||
| Non-server security issues | X |
As WordPress developers, we have the responsibility to build plugins that benefit our users not just by the functionality our plugins add. Our plugins also should avoid loading unnecessary resources, shouldn’t slow down the backend and should be easy to use, like the WPPB boilerplate plugin.
Remember, the WordPress ecosystem breeds on open-source code and developers building upon each other’s plugins. It’s the spirit of open source to collaborate and create improved code together. But we also need a framework to effectively work together. Hence, Automattic employs strict guidelines when accepting a plugin into their repository (same holds true for themes).
Luckily, there are developers like Tom McFarlin and Devin Vinson. They created the WPPB boilerplate plugin, which is intended to make building WordPress plugins easier.
First of all, let’s talk about why you should consider using boilerplate in your development workflow.
There are a couple of situations in which using WPPB boilerplate makes sense:
Let’s break those reasons down one by one:
Whenever there are multiple developers working on the same code base, challenges occur that single developers rarely face. You need to make sure that:
As a single developer, you usually don’t worry too much about these things. You’re the only one working on the plugin, so the structure is yours anyway. But with many developers, you need to make sure that developer A understands why developer B is writing code the way he/she is.
The WPPB boilerplate helps avoid confusion, as it puts everybody on the same page.
As said earlier, Automattic enforces strict guidelines to the plugins that get accepted in the WP repository. Using the WPPB boilerplate makes it more straightforward to follow those guidelines, as the code is already written following coding standards and documentation standards. So you’re saving time browsing through the WordPress codex and can get to work right away, while simply following the structures given in the boilerplate.
Additionally, the files are already organized the way it’s required by the plugin repository. The file structure clearly shows, which file goes where and takes out all the guesswork.
While developing a stable and reliable plugin should always be a goal, there are situations in which you want your plugin to be rock-solid. If your plugin performs actions without which the business of your client suffers, your code-base needs to be stable, efficient and easy to maintain.
By using a boilerplate plugin as the foundation, you’ll find working on your code more straightforward the more you’re used to the boilerplate structure. Without that fixed structure, it’s easy to – subconsciously – create a new plugin structure for every project you’re working on. That’d make it severely difficult to work on a code you haven’t touched in 6-12 months.
To become a better developer, you have to constantly learn new things and adapt to best practices. One of the fastest ways to familiarize yourself with the WordPress coding standards is to extend a plugin that already implements them. WPPB makes this very comfortable. You can clone any of the example plugins and start learning.
You’ll soon understand why they’re built the way they are and how you can add your custom functionality to them.
Set up a local installation and browse through the code of the example plugins.
Enough of the theory, let’s dive into using WPPB.
For this post, I’ll assume you have a local site installed as the development environment. Having Git installed on your machine helps, but that isn’t mandatory.
The first step is to head over to WPPB.me.
Since the WPPB boilerplate comes with many places that reference your plugin name, slug, author name, etc., it’s a good idea to use the WPPB.me generator when downloading the files. You could clone the WPPB Github repository, but that’d leave all the search+replace work to you.
For this example, we’ll use the following details:
Once you click on “Build Plugin”, your browser will download a zip archive that you can then install on your local site. For that, you can use the regular plugin installer or unzip the archive and place it in wp-content/plugins. After activating the plugin, you’ll see it showing up in your Plugins list.
Ok, the plugin generation and installation process weren’t too exciting – but necessary for starters. To actually start developing with the plugin, let’s look at the file structure.
As you’d expect, the files are very well organized.
The “admin” folder contains logic and UIs that load in the WP-Admin area of the website. Every developer looking at this plugin immediately understands that.
The “includes” folder contains the meat of the plugin, in here you’ll place most of the functionality. As an example, you can extend class-my-plugin-activator.php to set up custom database tables, custom wp-cron jobs, or to check for other plugins and dependencies. Inside class-my-plugin-deactivator.php, you can clean up the website when your plugin is deactivated.
Following the Internationalization Standards, class-my-plugin-i18n.php loads the plugins’ text domain.
Regardless of what plugin file you’re looking at, you’ll find that the code is exceptionally well documented.
In the screenshot, you can see the core file for your new plugin, which to me is the ideal starting point for understanding how the plugin logic works. Any time you come across the string “my-plugin” or “My_Plugin”, remember that I set it in the generator. That’s why I prefer generating the boilerplate over just cloning the Github repo. Without the generator, you’d have to go through all plugin files and adjust those strings to match your plugin name.
Let’s briefly touch upon the file structure for assets like JS or CSS files.
To take all guesswork out of development, WPPB is organized in separate folders for CSS, JS, and partials. As you’d expect, class-my-plugin-public.php is responsible for enqueueing CSS and JS properly and for loading the partials as needed. When you open the file, you’ll see that it uses the regular wp_enqueue_script, wp_enqueue_style, and wp.
If you’re not familiar with working with partials, I recommend you read through the Template File documentation. “A template partial is a piece of a template that is included as a part of another template, such as a site header. Template partials can be embedded in multiple templates, simplifying theme creation.” – WordPress documentation
While the documentation talks about theme creation, you can obviously include partials in plugins as well, both in backend and frontend. For the frontend, a viable way to use a partial might be embedding it in a shortcode. In the backend, you might want to use a partial in your plugin’s admin pages (which we’ll cover in this article).
Obviously, the files are almost empty now and only the most fundamental logic is in place. This great for starting a new plugin from scratch, but might not be ideal for learning how the boilerplate code works. For learning, I recommend you install the WPPB Demo Plugin and familiarize yourself with it.
As you can see after activating the WPPB Demo Plugin, there is a new options page in the “Plugins” menu.
To examine how this page was added, let’s go through the plugin code.
Searching for the place where the “WPPB Demo Options” page was added is simple, we have to look at the “admin” folder. Based on the folder structure, there simply is no other place to put code that loads in the WP-Admin area.
This new file handles the content showing on the admin page. You can examine its logic and you’ll see that it is capable of:
Please see these functions as for what they are: examples. Don’t expect them to be deeply integrated into whatever theme you’re using. They’re meant to explain how you can build similar functionality with your new plugin. Loading the content takes place in class-wppb-demo-plugin-admin.php, in the load_dependencies() function in line 70.
Of course, it’s entirely up to you if you add the plugin settings as an item in the “Plugins” menu, as the main menu item, or an Options page. You can change the implementation at any time, by modifying the setup_plugin_options_menu() function in line 55 of class-wppb-demo-plugin-settings.php.
However, I suggest you focus on the UX of the backend. It’s not always a good idea to clutter the WP-Admin menu with menu pages, just because you think your plugin is more important than other plugins.
To me, the WPPB boilerplate plugin is a fantastic foundation for building a WordPress plugin from scratch.
I think it suits projects that:
The WPPB boilerplate plugin also can be overkill though, especially if you:
Keep in mind, that developers who work with the code for the first time will need to familiarize themselves with the boilerplate. Once they know WPPB boilerplate though, they’ll be in a good position to build a plugin that follows WordPress coding and documentation standards.
Hostdedi’ Managed WordPress solution automatically handles image compression and all plugin and core WordPress updates so you can focus on creating an exceptional plugin.
Get started with a free two-week trial of fully managed WordPress by Hostdedi.
For online store owners, cybersecurity is mission critical. Today, you’re not just selling products and services, you’re selling a secure shopping experience. When customers don’t trust you enough to enter their payment information, you get high rates of shopping cart abandonment.
But cybersecurity threats are constantly evolving and getting more sophisticated. Now, hackers use so-called “fileless” attacks that exploit your website’s vulnerabilities and steal information without the use of executable files. Security reports show fileless attacks are on the rise.
While ecommerce plugins like WooCommerce offer adequate transactional security, they may not provide enough overall protection to stay ahead of cybersecurity threats without additional precautions. Our team has had WooCommerce security on our mind for years. As we recently launched our Managed WooCommerce Hosting service, we realized it would be valuable to outline some of the WooCommerce security issues website owners should be taking. Keep reading to learn how to secure your WooCommerce site.
Weak or easily predictable passwords are major flaws in your security plan. If you’re using short, simple login credentials because they’re easy to remember or sharing logins across many websites, you’re taking an unnecessary risk with your customers’ data.
Cyberthieves use brute force attacks to guess your password. With specialized software, they can quickly make repeated attempts at different password combinations until they find yours. If your password is “password1” or “qwerty”, a brute force attack will only take a matter of minutes, but the damage to your website and your customers will last much longer.
Strong passwords are complex, long, and contain alphanumeric characters. However, this means they’re also difficult to remember. Here are some helpful ways to create strong passwords that are easy to remember:
Use a long phrase to create a shorter string of characters. For example, “Laugh and the whole world laughs with you, cry and you cry alone.” becomes LATWWLWYCAYCA — a 13-character password. Make a few letter-number substitutions and vary the capitalization, and you’ve got a fairly strong password that’s easy to remember.
Passphrases create highly secure passwords and they’re even easier to remember than acronyms. To create a passphrase, choose four random words — “mall”, “tongue”, “meal”, “reflection” — and string them together to form a lengthy password: “malltonguemealreflection”.
Again, substitute some letters for numbers and add a few special characters and you’ve got yourself a password that will elude the best brute force efforts.
Password managers bring the best of both worlds to password creation. They randomly generate strong passwords and remember for you.
You create a master password that gives you access to all of your other sign-in credentials. Instead of typing your passwords into a login field, you can set your manager to automatically log you into your account.
Because you’re not using the keyboard to type in your password, you’re lowering the chances of a hacker using keylogger software or “keylogger” to steal your credentials.
Whether it’s for accessing your Google account or your server, you need to set up two-factor authentication (2FA) as an extra layer of security. 2FA requires those logging in to prove their identity through a physical device — most commonly, a cell phone.
This two-step process requires not only a username and password, but an additional piece of information for verification. You’ve been using 2FA for years at the bank. Withdrawing cash from an ATM requires both your debit card and your PIN — something you have and something you know.
Your sign-in credentials are the gateway to your customers’ private information. If a cybercriminal breaches your email account, they could potentially find payment information, names, addresses of your customers. But with 2FA, even if a cybercriminal steals your login credentials, they won’t be able to access your accounts without the added piece of information. You can easily set up 2FA for your WordPress account with either Google Authenticator or Google Authenticator for WordPress plugins.
Your customers need to use 2FA as well. When your website gives customers the ability to use a two-step security process, it gives them the power to protect their accounts. There are several WordPress plugins that allow you to improve security for your site with two-factor authentication. Some security plugins like iThemes Security Pro have the 2FA built right in.
If your website software isn’t up to date, it becomes much more vulnerable to cyberattacks. In addition to making changes to functionality, software updates also include security patches that close off vulnerabilities in the software that cyberthieves love to exploit.
If you use a dedicated or unmanaged server, you’ll need to take extra steps to keep your server software up to date. That goes for your WordPress plugins and website templates as well.
It can be a hassle to manage updates, and sometimes it’s an easy task to put off until tomorrow. But that’s a dangerous game to play. Unpatched servers open the door to cyberattacks, like the Wannacry ransomware that targeted servers with out of date software and caused millions in losses.
Keep your cybersecurity practices organized and predictable by creating a monthly schedule for checking and installing the latest updates. Even if it means a little downtime for your website, that’s still better than a DDoS attack that shuts your site down completely.
One critical layer of defense against data breaches is encrypting all of the information that’s transmitted from your customers’ web browser to your server. Cyberthieves can easily swipe unencrypted data and use it to steal your customers’ identities, so using security technologies like Secure Sockets Layer (SSL) is essential.
Using a standard SSL Certificate ensures private information like credit card numbers and passwords are encrypted into data that only the customer and website can decrypt.
What is an SSL & How Do I Get One? >>
SSL Certificates also identify your eCommerce site as a secure website to shoppers, assuring them that their transactions and personal data are safe. Often phishing attacks lead consumers to fake websites created to look like legitimate ones for the purposes of tricking consumers into giving away their sign-in credentials.
Best SSL for Web Server Hosting >>
SSL Certificates indicate to visitors that your site is secure, encrypted, and legitimate. They’re the kind of social proof you need to build trust in your website and brand — a powerful way to sell security. Sites like Let’s Encrypt offer free, automated, open certificate authority so owners can enable HTTPS for their websites.
Covered by Hostdedi’ Managed WooCommerce Hosting
Hostdedi provides SSL certs for all our Managed WooCommerce Hosting, but also sells several different SSL Certificate options from GlobalSign — a well-respected name in the encryption industry — if you need something different.
The Payment Card Industry Data Security Standards (PCI DSS) are guidelines for online transactions. Most major card acceptance programs require merchants to be PCI DSS compliant in order to use their services, so getting and maintaining compliance is necessary if you want to accept most types of payments. Plus, compliance means you’re taking the right steps to keep your customers’ data safe.
8 Best Online Payment Methods for Ecommerce Stores >>
PCI DSS also covers how you should set up and maintain your server to protect your customers’ payment information. As of July 1, 2018, changes to PCI standards require merchants to upgrade to more secure communication protocols. This means adding and re-configuring your servers to work with new, more secure transaction processes. This can be a costly operation if you have to shut your website down, or if you’ve not successfully met compliance standards and can’t process transactions.
An Introduction to WooCommerce Payments >>
The criticate for PCI compliance depends on your designated merchant level, which is determined by how many transactions you have per year. Most merchant levels require annual self-assessments, network scans, and third-party services to scan your transactional process.
Backing up your data to an off-site location is the best disaster recovery plan you can have. Cyberthreats like ransomware attacks can result in corrupted data, lost money, or both.
Off-site data protection ensures you have backups for sales transactions, customer information, and server configurations ready to go if disaster strikes. Data protection solutions are growing in popularity among SMBs with limited or no IT staff and for larger companies that want to protect the data of higher risk consumer groups like mobile laptop users.
When cyberthieves try to extort a hefty ransom for getting your data back, off-site backups will transform their demands into empty threats.
Covered by Hostdedi’ Managed WooCommerce Hosting
Hostdedi includes daily backups as part of its Managed WooCommerce Hosting offering. So you’re fully covered.
Unlike their name suggests, firewalls work more like filters, constantly monitoring what data comes in and out of network, and who visits your website. For example, firewalls carefully monitor access to your customer database by outside sources, and they protect your website from dangerous DDoS attacks and other malicious traffic.
Because firewalls scan huge amounts of data, they can become a drag on your website’s performance. Your IT team should choose one that keeps your pages loading quickly.
Like a firewall, antivirus protection identifies and eliminates (or quarantines) harmful computer viruses like trojans, bots, spyware, and worms that can infiltrate your server and cause chaos. Antivirus software monitors and scans downloaded programs and executable files, using common virus signatures to locate harmful programs. Many computer viruses are transmitted through phishing emails. Others contaminate devices through “drive-by downloads,” acquired by simply visiting an infected website.
Computer viruses spread. That’s their job, and you need the ability to keep them from spreading. One phishing email that infects your computer with a worm could potentially send thousands of infected emails to your customers with your letterhead on it! You would be contaminating their computers, putting their data at risk, and hurting your customer relationship.
Computer viruses can hurt sales. If customers can’t trust your emails, why would they trust your business? Install enterprise-level antivirus software from a reputable vendor and head off these problems before they happen.
Covered by Hostdedi’ Managed WooCommerce Hosting
Hostdedi performs nightly malware scans of your website to make sure you’re virus free.
If your core WordPress files and folders aren’t set at the correct permission levels through your FTP, a hacker could find their way into your server and inject their own code or alter your site’s content. Locking down your site’s more sensitive directories will help limit who can read, write, and execute your website files.
The FTP permission schemes for WooCommerce are the same as those for any WordPress website, so adjusting and checking them only takes a little effort. While you should always give your server read and write permissions, make sure your FTP account only has write access to your root directory, wp-admin, wp-includes, and wp-content folders.
Some eCommerce platforms put your store on a shared environment alongside other websites. That not only hampers website performance and scalability, it also affects your WooCommerce site’s security. To avoid these issues, smart store owners are turning to hosts with server segmentation or “container” architectures. With segmentation, each website running on a server gets its own, isolated environment that shares the host server’s operating system.
Containers isolate your website from other websites on your server that could put yours at risk. In a shared server environment, one malware infection can quickly spread to every other website on a server. With segmentation, these threats are limited only to those infected.
Covered by Hostdedi’ Managed WooCommerce Hosting
Our managed service is built on the concept of “orchestrated” containers. They automatically expand to provide more resources when needed, while keeping your store isolated from others.
To take your WooCommerce website to a new level of security, you need to begin with a solid foundation. Managed WooCommerce Hosting not only increases your website’s performance, it lets you easily add security features that seamlessly integrate into our hosting environment.
Check out our WooCommerce hosting plans, or experience it for yourself with a free trial.
Mergebot Aims To Make…
February 8, 2017
How Do Visitors Find…
December 7, 2017
How To Increase Ecommerce…
August 31, 2021
Magento Maintenance: Five Tasks…
September 9, 2021
Deployer Helps Integrate GitHub…
September 9, 2021
What is a commerce platform? (And why is it important?)
December 5, 2022
November’s Top WordPress Tweets: A Cornucopia
December 1, 2022
Internal Linking Guide for Your WordPress Site
November 29, 2022
11 Tips for creating repeat ecommerce customers
November 28, 2022
How to Fix an Error Establishing a Database Connection in WordPress
November 23, 2022