CAll Us: +1 888-999-8231 Submit Ticket
Why WooCommerce is a Powerful Affiliate Marketing Platform

Why WooCommerce is a Powerful Affiliate Marketing Platform

The goal of ecommerce marketing is to expose a store’s products to people most likely to buy them. There are many ways to achieve that goal: display advertising, email marketing, content marketing, and more.
Affiliate marketing is one of the most popular marketing strategies: 80 percent of brands use affiliate marketing to promote their products. It’s also one of the most cost-effective; unlike display advertising or content marketing, there are few upfront costs because affiliates take on the burden of content creation and promotion.
WooCommerce is an excellent platform for building an affiliate marketing program. A WooCommerce store combines WordPress’s strengths as a content management system and WooCommerce’s sophisticated ecommerce features. With the addition of one of the affiliate marketing plugins we are about to discuss, WooCommerce is fully capable of supporting the largest and most complex affiliate marketing programs.

What is Affiliate Marketing?

Affiliate marketing provides rewards, typically a percentage of the value of a sale, to third parties that refer customers to an ecommerce store. The affiliate fees give marketers, bloggers, and other retailers an incentive to promote the store’s product. Amazon’s affiliate program is a great example. Many blogs and review sites are supported entirely by money paid by Amazon to affiliates who refer customers.
A retailer of high-end audio equipment might create an affiliate program to encourage audiophile blogs to write about their products, for example. The bloggers write reviews, make YouTube demonstration videos, and promote the products on social media. Because the blogger already has an audience of audiophiles, the products are promoted to customers who are already inclined to buy.
It would be expensive for the retailer to pay for social media promotion, blog articles, and video content, but with an affiliate program they don’t pay anything unless a customer is referred and buys a product.

How Does Affiliate Marketing Work?

First, a retailer creates an affiliate marketing program on their store. Then, prospective affiliates join the program. Affiliates are given links with identifying codes to use when promoting the store’s products. When a customer clicks on a link on the affiliate’s site, the store knows whose link was used. Any products bought by the referred customers are recorded by the store, and, at fixed periods, the affiliate marketer is paid their percentage of the sale value.
That’s the nutshell explanation of affiliate marketing, which can get a good deal more complicated, but with a decent affiliate marketing plugin, most of the details are automated. An affiliate marketing plugin also provides a range of analytics tools to help ecommerce retailers to optimize their affiliate program.

Affiliate Marketing Plugins for WooCommerce

There are many affiliate marketing plugins available for WooCommerce, but we’ll highlight two of the best, one premium and one free.

AffiliateWP

AffiliateWP is a premium affiliate marketing plugin with a comprehensive array of features and its own add-on ecosystem. AffiliateWP is designed to be easy to use, and anyone familiar with WooCommerce should have no trouble installing it and configuring a basic affiliate marketing program.
Standout features include excellent integration with WooCommerce and membership plugins, powerful affiliate management features and analytics with real-time reporting, reliable affiliate tracking, and handy asset management for providing affiliates with branded visual resources and text links.

Affiliates Manager

Affiliates Manager is a free WordPress affiliate plugin that integrates with WooCommerce and other WordPress ecommerce plugins. It’s not quite as feature rich or slickly designed as AffiliateWP, but it has all the features a WooCommerce user needs to recruit, manage, and track their affiliates.

Source link

6 Magento Alternatives You Should Be Considering After Magento 1

6 Magento Alternatives You Should Be Considering After Magento 1

Magento 1 (M1) will be sunsetting June 2020. While the eCommerce platform will still be accessible and usable by both merchants and devs, it will no longer receive official support from either Magento or Adobe. That means that for the 180,000 merchants running M1, the hunt for Magento alternatives is on. 

Are you unsure where to go once M1’s life draws to a close? Here, we’ll cover some of your options, along with the pros and cons of each. Hopefully, by the end of this article, you’ll have a clearer idea of where your next step on your ecommerce journey will take you. 


Don’t have time to read this now?

Download the After M1 eBook for a complete list of your best options – for when you do have time.


WooCommerce

You may be surprised by the first alternative on this list. You’re probably thinking that WooCommerce just doesn’t have the capabilities you’re looking for in a Magento alternative. This is especially true if you have any experience in WooCommerce and the WordPress space. And you may be right; WooCommerce isn’t as functional as Magento. However, it does have its advantages. 

WooCommerce sits perfectly between being a SaaS product like Shopify, and being a self-hosted ecommerce CMS you have full control of like Magento. It plays a fine line between ease of use and feature sets, and it does so brilliantly. You may be surprised by the types of stores that are on WooCommerce. It’s not all small businesses. 

In 2018, WooCommerce looked into its user base in more detail. They analyzed stores to see where they are coming from and their size. What they found was surprising

WooCommerce is not the ecommerce platform of small merchants some developers think it is. There are a number of larger stores using it as well. 

A large number of WooCommerce stores actually fall between the $100,000 to $500,000 range, with some extending as far as $1 million in annual revenue. Brands that have made WooCommerce their ecommerce platform of choice include Blue Star Coffee, Weber, Ripley’s Believe It or Not, and Singer.

WooCommerce is not the best choice for large stores that involve a lot of moving parts. But it is a great Magento alternative for smaller and medium-sized stores looking to take control.

Why use WooCommerce instead of Magento?

  • It’s very easy to use, while still offering impressive flexibility for developers
  • It offers a large number of plugins to increase functionality
  • It has a large selection of themes and templates
  • It’s lightweight, so can load content faster

Why use Magento instead of WooCommerce

  • WooCommerce, while flexible, doesn’t have the ecommerce functionality of Magento
  • Magento is better for growing merchants
  • Magento has a great community that supports ecommerce specifically

 

Stay on Magento 1

Your second alternative isn’t an alternative, and comes with a question. Why make the move at all? Have you thought you need to make the move because of the warnings you’re seeing from the community and in your installation? 

Sentiment regarding the Magento 1 End Of Life is split in the community. Fears regarding security vulnerabilities, loss of PCI compliance, and more are on one side. While devs offering continued support and security updates are on the other. 

As a hosting provider, we will continue to support merchants that wish to stay on Magento 1, by making sure to keep our web application firewall up to date to help with security. We’ll also continue to maintain server-side performance optimizations for the first version of Magento. 

Staying on Magento 1 means doing everything you can to secure your site. From hosting to development, don’t cut corners when the future of your store is at stake. 

If you decide that staying on Magento 1 – even if just for the time being – is the right move for your store, then there are a few things you’re going to want to do. Firstly, upgrade your store to Magento 1.9. Unlike replatforming, this does not require much work or expense and is a simple patching process.

You’re also going to want to upgrade any other software you’re running as part of your application stack. This includes your PHP, MySQL, and Apache versions, along with any other applications you’re running as a part of your stack. The Hostdedi support team can help with this. Get in touch and we’ll make sure your hosting environment is as secure as possible. 

Finally, don’t forget to communicate with your developer (if you have one) about what they think staying on Magento 1 means for your store. Some developers will try their best to accommodate you and put in place safeguards so your store isn’t exposed to vulnerabilities. 

Why Stay on Magento 1 instead of moving to Magento 2?

Download and read After M1 to find out more detailed reasons for why staying on M1 may be the right option for your store. 

 

BigCommerce (For WordPress)

Perhaps WooCommerce isn’t the right fit for your store. Maybe Staying on Magento 1 is out of the question. Where do you go next? 

BigCommerce started out as a SaaS application but has since expanded into the headless (decoupled) market. We offer this as an option in the form of BigCommerce for WordPress. The Advantages? Merchants can use both the backend of BigCommerce for ecommerce management and the frontend of WordPress for displaying it. 

This means is more flexibility, better potential user experiences, and the ability to ramp up your content marketing strategy. Remember, content and product SEO are different, so don’t charge in head-first if your not as experienced with content SEO. 

BigCommerce is the Magento alternative for merchants looking for both great content and product management capabilities.

BigCommerce for WordPress also comes with premium support from both Hostdedi and BigCommerce. In the event something goes wrong on either the application or the hosting side, you’ll immediately be able to reach out to a relevant member of the support staff to resolve your problem. The faster it’s resolved, the quicker you’re going to be able to start selling again. 

Why choose BigCommerce instead of Magento?

  • It offers both great ecommerce and content functionality
  • Both BigCommerce and your hosting provider are able to offer support

Why choose Magento instead of BigCommerce?

  • Magento still offers more in terms of functionality
  • BigCommerce charges transaction fees
  • BigCommerce is a closed source application without the development community of Magento

 

Sylius

Perhaps you’re a developer or merchant that loves to live on the bleeding edge. Maybe you’ve always prided yourself on staying up to date with the latest and greatest. Or perhaps you’re all about taking the reins when it comes to functionality. 

If that sounds like you, then Sylius is probably your platform of choice. 

Sylius is an open source ecommerce platform that runs on Symfony. That means more customization, more functionality, and stronger alignment with dev best practices. Plus, with it being open source, the community for support only continues to grow. 

Currently available in standard and enterprise forms, Sylius is a good option if you’re looking to stay ahead of trends in web development. However, if your store needs to remain reliable, then it may be better to look elsewhere. 

Why choose Sylius over Magento

  • Sylius is cutting edge in ecommerce web development
  • It allows merchants to create a heavily customized ecommerce experience

Why choose Magento over Sylius

  • Magento has a longer history and is a more secure foundation
  • There is a larger selection of extensions for Magento
  • You may be limited by your programming expertise

 

Shopify

On the other end of the functionality spectrum is Shopify; a SaaS application built to make ecommerce easy. 

Shopify is one of the more popular options around, and it’s easy to see why when you take a look at its ease of use. For small merchants, the process of going from store idea to selling is quick and easy. However, this ease of use isn’t all it’s cracked up to be – especially when a store starts to grow. 

Shopify is a good option for merchants getting started in ecommerce, but as they grow its limitations become increasingly apparent. 

Shopify comes with a number of limitations that can ultimately hurt a merchant’s bottom line. 

One of the most significant of these limitations is transaction fees. While alternatives like WooCommerce and Magento let merchants use a number of different payment processors without needing to pay transaction fees, Shopify only allows you to avoid them if you use Shopify’s payment service. This can cause problems with lock-in once you start needing an alternative. 

Other limitations also start to appear when considering Shopify SEO. These include:

  • A rigid URL structure
  • Limitations to meta titles and descriptions
  • A locked robots.txt files
  • An inability to edit tag pages
  • No good way to handle duplicate content

For merchants that want their store to rank for important search terms, these SEO limitations can quickly outway the advantages that come with Shopify’s ease of use – especially if you’re a merchant with a lot of products. 

Why choose Shopify over Magento?

  • It’s easier to use and get started with
  • It comes with a large selection of templates and themes

Why choose Magento over Shopify?

  • Magento offers more in terms of flexibility and functionality
  • Magento doesn’t have transaction costs
  • Shopify has some serious SEO limitations

 

Prestashop

Prestashop is another option that works well for merchants looking to leverage a platform that offers ease of use. 

Originally released in 2008, Prestashop comes in both self-hosted and SasS forms. While the user base for both has diminished over the last few years, it’s still a strong competitor for small stores.

Moreover, perhaps because of its self-hosted background, when compared with other SaaS platforms, it manages to hold its own in terms of functionality. Some of the main reasons you may decide to use Prestashop include: 

  • Easy to use and intuitive interface
  • A good selection of themes and templates
  • Over 3,900 extensions for expanding functionality
  • A lightweight platform that is usually fast

Despite these advantages, Prestashop, like Shopify, just can’t compete with some of the bigger players in terms of functionality and flexibility. For medium stores or those that expect to grow, it quickly becomes a bottleneck that prevents continued growth. 

Prestashop is a good option if you’re looking for a platform that offers ease of use. But it trails behind some of the more powerful options in terms of functionality. 

Magento, for example, offers a number of complex options and tools for managing omnichannel customer journeys and multi-site stores with localization requirements. This is an advantage that can particularly help stores with international customers. Localization with Prestashop doesn’t offer the same level of detail or a truly “local” experience. 

Prestashop – just like Shopify-  also falls down in terms of SEO. In fact, stock Prestashop doesn’t even have some SEO features you would expect to see, like meta titles and descriptions. To gain access to that functionality you have to download an extension. 

Overall, Prestashop isn’t the best option on this list. It does, however, offer a suitable alternative to Magento for merchants looking to simplify their commerce experience. 

Why choose Prestashop over Magento?

  • Prestashop is easier to use and develop with. 
  • Prestashop offers a large number of themes and add-ons

Why choose Magento over Prestashop?

  • Prestashop has terrible SEO features
  • Magento offers more in terms of features and functionality

 

Source link

Content + Commerce: A Magento 1 End of Life Discussion

Content + Commerce: A Magento 1 End of Life Discussion

At the beginning of the year, the Hostdedi research team put together a report on the State of Hosting at the start of 2019. In it, we predicted that Data Protection would only increase in importance, headless implementations would become more mainstream, and development would improve as hosting infrastructure continued to decrease in visibility. 

It’s now approaching the end of 2019, and many of these predictions have come to fruition. Most vitally, for ecommerce stores, this has meant an increased lack of division between content and commerce.

In 2018, 67 percent of Magento store owners stated that they plan to adopt PWA at some point in the future. Their reasons for doing as such were the improved development capabilities of headless implementations, and the ability to stay ahead of the curve. This wasn’t just because of infrastructure. It was also because of content. 

The division between content and commerce isn’t what it once was. This means more opportunities in a wild west-esque content landscape.

According to Technavio, a leading market research company, the content marketing industry is set to grow by 16 percent between 2017 and 2021. According to their lead researcher, the reason for this is that “The effectiveness of traditional marketing is decreasing by the day. Companies must adopt the latest marketing trends to enhance their business and increase their consumer base.“ 

The important takeaway here is that companies are trying to adopt the latest marketing trends to stay ahead. In 2019 and 2020, that means content. 

 

 

Is Content Marketing New?

Content Marketing is nothing new. According to the Content Marketing Institute, one of the first recognized examples of content marketing was from none other than Benjamin Franklin. In 1732, he published the yearly Poor Richard’s Almanack. The reason? To promote his publishing business. 

Then, in 1801, the bookstore Librairie Galignani recruited a content strategist to help them grow their business. Most significantly, this meant creating a newspaper that featured excerpts from famous writers and books. And then there were many, many other content marketing efforts from companies around the world. Each more innovative and influential than the last. 

Content Marketing has been around for a long time, but it’s only relatively recently that commerce businesses have started to ramp up its importance in the digital space. 

Enter the digital age. Content marketing experts initially continued to invest heavily in traditional forms of content marketing. Then SEO started to make an appearance, and those strategies changed. Then Marketing automation and personalization appeared. Again, those strategies changed. 

Today, content has become an important part of the buyer’s journey. It does more than just provide reading material. It helps to shape a brand, build advocates, and create a community that rallies around the same beliefs and ideas. 

 

Enter Magento PWA and the Magento 1 End of Life

With the Magento 1 End of Life fast approaching, merchants now have an opportunity. Moving to a progressive web application is a very real possibility, and comes with a lot of advantages over current, single application deployments. A few of those advantages include:

  • More front-end control
  • The ability to create improved user experiences
  • Reduced cost of development
  • Cross device communication and mobile-first design
  • Continued engagement through automated push notifications
  • Improved multi-team collaborative processes

With these advantages, it almost seems as though PWA is the obvious choice for moving forward. Increasingly, hosting providers are also ramping up support for PWA application stacks. This means faster deployments, quicker page load times, and optimized development environments. 

 

 

The Content + Commerce Mix: Magento Alternatives

Magento isn’t the only player in PWA. Also known as headless and decoupled, Drupal and WordPress have both been making strides into the space. Commerce platforms have also made a play, providing headless architecture as a way to satisfy the growing content demands of merchants. 

There are headless and decoupled alternatives for several content platforms – most notably WordPress and Drupal.

One company doing this very well is BigCommerce. Their BigCommerce for WordPress (BC4WP) implementation has come a long way to offering merchants a reliable and scalable headless option. Moreover, with WordPress a well-known and well-used application, merchants are easily able to adapt their internal teams to the content management process. 

 

 

The Possibilities of a Post-Magento 1 World

Now is the time to get your store ready for the next stage of its lifecycle. Now is the time to explore the possibilities open to you as a merchant for both improving the buyer’s journey on your site, and managing the complex range of development and content curation processes that already exist within your organization. 

Interested in learning more about your options after Magento 1? Learn everything you need to know about the Magento 1 End of Life. Thinking of just moving to Magento 2? See how the two platforms compare and judge whether replatforming is right for your business. Alternatively, download our guide to After M1, offering a list of viable alternatives and why you should choose them. 

Source link

ElasticSearch Makes Magento Search Faster and More Accurate

ElasticSearch Makes Magento Search Faster and More Accurate

Search is an essential feature of an ecommerce store. And for any store with more than a handful of products, it’s one of a handful of ways that customers can narrow product selection to a manageable number. So finding the right search engine for your store is vital. For Magento merchants and developers, that search engine is Elasticsearch. 

Despite the advantages of Elasticsearch, many Magento merchants still run their stores on obsolete and outdated search software. In fact, 42% of companies don’t try to optimize search as all.

Originally developed in 2010, Elasticsearch has grown to become one of the biggest players in search offerings. It has largely replaced rivals SOLR and Sphinx. For Magento sites, it’s now become the default search option, replacing MySQL which has been deprecated. 

How Elasticsearch Works for Ecommerce

Magento includes built-in search functionality that previously, by default,  used a MySQL database. MySQL and its variants are powerful, but they aren’t the ideal back-end for a search engine. We use search engines every day and we are accustomed to a sophisticated search interface that can turn our vague and often badly spelled queries into useful results.

MySQL isn’t well-optimized for that use case, which is why Magento previously would – on occasion – return less-than-useful search results.

ElasticSearch, on the other hand, is highly optimized for fast and accurate search. As a Java-based document store – what used to be called a NoSQL database – it’s engineered to store huge numbers of JSON documents and retrieve them according to criteria supplied by the user. 

Imagine wanting to find a specific set of headphones which have something to do with Master Class about them, but it’s not their name. You type it in and you’re given a large selection of products you really aren’t interested in.

Frustrated with Magento search experiences?

Customers frustrated with their Magento search experiences?

Don’t worry, Elasticsearch is here! ES allows for a merchant to specify different criteria the user may be searching for – beyond just the name. This may include the description, the manufacturer, the release date, and more. 

In short, it makes an ideal search engine back-end for ecommerce stores and many other types of website. It also makes the ecommerce search experience just that much better.  

And when combined with Magento, ElasticSearch’s built-in functionality augments ecommerce search with a host of useful improvements.

 

Extremely Fast Search

ElasticSearch is much faster than Magento’s default search, especially when searching through large product catalogs. It can run searches over millions of products without breaking a sweat, and it’s a rare ecommerce store that approaches that number of products.

The speed at which ElasticSearch returns results can be used for features such as continuously updating results: as the user types their query, the search results update immediately because ElasticSearch searches faster than users can type.

 

More Accurate Results

Shoppers don’t want to have to carefully craft search queries. They want to enter a vaguely appropriate query and have the search engine to figure out what they mean. ElasticSearch is packed with features that help match queries to relevant results, even when the queries aren’t especially well-formed.

Among the features is fuzzy searching, which matches products similar to the query but not exactly the same with a technique called the Damerau-Levenshtein distance formula. Fuzzy searching helps stores to surface and rank the right products from their catalog even when the shopper mistypes or searches for a related product that isn’t in the catalog.

 

Easy to Use

Given the complexity of what ElasticSearch does, you might expect that it would be difficult to use. In fact, it couldn’t be easier. Once you hook ElasticSearch up to Magento, search is immediately improved without any complicated configuration. ElasticSearch ships with sensible indexing defaults and can begin returning better results in no time at all.

 

Improves UX

The average user spends just 8 seconds looking at a search results page. That’s 8 seconds to provide them with the right answers – in this case, products. Miss that time frame and you’re at risk of them looking somewhere else. After all, would you stay in a store if the attendant kept trying to sell you something you didn’t want?

It’s for this reason that product search is so vital. And with that browsing time only decreasing, the benefits of Elasticsearch give merchants less to worry about. 

Elasticsearch improves Magento UX by combining all of the features mentioned above. Faster speed means customers are able to find products faster. More accurate results mean they’re able to find the right products. And ease of use means merchants are able to enable it without too much extra work. 

 

Get Started with Elasticsearch for Magento the Easy Way

With Hostdedi ElasticSearch cloud hosting, Magento retailers can deploy a scalable and secure ElasticSearch instance in minutes. 

We’re happy to help Magento hosting customers to integrate their ElasticSearch instance with Magento. Get in touch today to learn more about Magento and ElasticSearch.

Source link

How Hostdedi Helps Your Store Stay PCI Compliant

How Hostdedi Helps Your Store Stay PCI Compliant

Having a PCI compliant store requires the sustained efforts of both yourself and your hosting provider. Although there are no shortcuts, choosing a credible web hosting provider is an effective place to start. Even so, most PCI requirements can only be met by you, the merchant. Read on to learn more about the dividing line between host and merchant, and why it can be worthwhile to go beyond PCI for your customers.

 

What Is PCI?

nexcess locked safeIn ecommerce, PCI is shorthand for Payment Card Industry Data Security Standards (PCI DSS). Created in 2004, PCI DSS aim to help protect consumers and prevent credit card fraud. It is required for any organization that receives, processes, or stores credit card data of any of the five members of the PCI Security Council: VISA, MasterCard, American Express, Discover, and JCB.

The list of requirements is extensive, to put it mildly. The requirements span six categories, and each category is divided into several hundred specific requirements. Some fall exclusively under the domain of either merchants or hosting providers, while some extend to both. PCI compliance is also not a one-time requirement, as the Security Council makes periodic adjustments to address new threats to consumers.

Compliance is not a “one-and-done” event. It requires daily, weekly, monthly, and annual tasks to maintain compliance. There are 12 general requirements divided among six categories. For illustrative purposes, we’ve listed these same categories, but also included more specific requirements from within PCI DSS. 

6 Key Categories for PCI Compliance

Build and maintain a secure network. Install and maintain a firewall. Use unique, high-security passwords with special care to replace default passwords.

Protect cardholder data. Whenever possible, do not store cardholder data. If there is a business need to store cardholder data, then you must protect this data. Encrypt any data passed across public networks, including data passed between your shopping cart, your Web-hosting provider, and your customers.

Maintain a vulnerability management program. Use antivirus software and keep it up to date. Develop and maintain secure operating systems and payment applications. Ensure your antivirus software applications are compliant with your chosen card companies.

Implement strong access control measures. Access to cardholder data, both electronic and physical, should be on a need-to-know basis. Ensure those people with electronic access have a unique ID and password. Do not allow people to share login credentials. Educate yourself and your employees on data security, and specifically the PCI Data Security Standard (DSS).

Regularly monitor and test networks. Track and monitor all access to networks and cardholder data. Maintain a regular testing schedule for security systems and processes, including: firewalls, patches, web servers, email servers, and antivirus.

Maintain an information security policy. Establish a clear and thorough organizational data security policy. Disseminate and update this policy regularly.

PCI non-compliance can result in fines ranging between $5000—$100,000 per month, depending on the size of the offending organization, its severity, and other factors. Non-compliance can also result in legal action, security breaches, and lost revenue.

PCI Requirements for Hosting Providers 

nexcess monitoringIt is virtually impossible for the typical merchant to be PCI compliant without enlisting the services of a compliant hosting provider. Merchants that host their own websites must meet hosting provider requirements in addition to meeting those for merchants. Such a model works for massive enterprises like Amazon and WalMart, but few others. 

Following are some of the highlights of our systems and policies that uphold our status as a PCI compliant hosting provider. The term “cardholder data environment” refers to any system that stores, processes, or transmits credit card data as well as any system that has access to cardholder data environment itself.

We maintain a web application firewall (WAF), which monitors all connections between the cardholder data environment and other networks. ModSec prohibits public access to sensitive areas, identifies untrusted connections, and hides IP addresses and routing information from unauthorized parties. 

We apply industry-accepted configuration standards for all system components that address all known security vulnerabilities. This extends to our internal and external network, our operating systems, and hardware required to host web services.

We apply cryptography and security protocols that encrypt and protect cardholder data even when transmitted across public networks. SSL certificates and other trusted security keys are unilaterally enforced. Only modern TLS ciphers are permitted.

We restrict physical access to our data center with 24-hour security policies and a team trained to implement them. This includes, but is not limited to:

  • Video surveillance with 90-day footage history
  • Secured entry with at least two-factor authentication (PIN, access card) in most areas, and three-factor authentication (PIN, access card, thumbprint) in areas housing the cardholder data environment
  • Visible identification on all team members
  • Visitor policy that prevents unauthorized public access; authorized external individuals have access only to required areas and are escorted at all times 
  • Team members are given access to the cardholder data environment only if their role requires it
  • Restricted access to network jacks, wireless access points, gateways, networks, and other lines of communication

We track and monitor access to network resources and cardholder data, though it falls to clients to maintain logs and monitor logins for their own applications (Magento, WordPress, and so on).  

We regularly test our security systems and processes, and perform internal penetration testing at regular intervals as well as after any significant infrastructure upgrade. 

PCI Requirements for Merchants

Secure store with HostdediProperly implemented, PCI compliance helps merchants adhere to commonly accepted best practices of data security. Hosting with a PCI compliant provider is a solid first step, but becoming compliant still requires action on your part.

If your store accepts credit cards as payment, it must be PCI compliant whether you store that data or not. Choosing a PCI Compliant web host is only the first step. Most credible web hosts can provide merchants with materials outlining their respective responsibilities upon request, but ultimately it is on merchants to understand and meet these requirements. 

Regrettably, there is no “one size fits all” checklist. Your specific responsibilities will vary according to your merchant level (1–4, with 1 being the highest), which is generally determined by the number of credit card transactions your store processes annually. 

The general process for most merchants is:

  1. Identify, understand, and implement the appropriate PCI DSS requirements. 
  2. Complete a Self Assessment Questionnaire (SAQ). The SAQ is a checklist outlining the requirements. Depending on your level, some or all of them will apply to you. Level 1 merchants have the most requirements; level 4, the least.
    Resist the temptation to simply “check every box” in the SAQ. Doing so endangers your customers and exposes your business to liability. The PCI stands to lose money from breaches, and in response may investigate your SAQ and AOC.
  3. Submit to a quarterly scan by an Approved Scanning Vendor (ASV), an independent, qualified authority that performs external vulnerability scans on your systems. 
  4. Complete the Attestation of Compliance (AOC), a document asserting that you are both eligible to perform and have in fact performed the SAQ to the best of your ability.
  5. If classified as a level 1 merchant, you must take additional steps, including an on-site assessment. 

If climbing the considerable hurdle of PCI compliance doesn’t appeal to you, you’re not alone. Your hosting provider can answer questions related to overlapping responsibility, and third party Qualified Security Assessors (QSAs) can help businesses run the PCI gauntlet (for a price). 

Even businesses offering only PayPal, Auth.net, and other payment services as payment options must be PCI compliant because those businesses must still transmit credit card data.

One universal component is the need to confirm that all of your service providers are PCI compliant. This includes your hosting provider, but also extends to payment processors, payment gateways, POS providers, and any other entities that touch your customers’ cardholder data. 

Some PCI Essentials for Merchants

  • Maintain PCI compliance. Compliance requires ongoing awareness and daily application. Tasks range between daily and annual, but all are recurring.
  • Don’t just check “Yes” to every question in the SAQ. Due diligence protects your business and your customers.
  • Know your code, or use a developer that does. Implement best practices of deployment using staging and dev sites without exception.
  • Establish a secure password policy. Use complex, unique passwords and never allow your staff to share login credentials or use default passwords.
  • Enable two-factor authentication for all of your internal users, and consider providing it as an option for customers logging in to your site.
  • Use a web application firewall (WAF). At Hostdedi, we provide one for all clients and it’s enabled by default.
  • Don’t just take your hosting provider’s word for it. Confirm they’re PCI Compliant and competent by asking for (and getting) their Attestation of Compliance (AOC).
  • Keep your applications and extensions current to the latest stable release, and actively monitor for new threats and versions.

Beyond PCI

If PCI compliance were enough, breaches of high-profile organizations would be far less common. Compliant should not mean complacent.

In reality, PCI compliance is “Cardholder Data Security 101.” It is the minimum acceptable standard and a reasonable introduction, but PCI is far from infallible. Credit card companies require compliance. Merchants adhering to PCI standards will be more effective at protecting consumers than businesses that just pay them lip service, but PCI compliance is only the first step. 

The very nature of PCI — a large, curated document updated only periodically — makes it vulnerable. Standards deemed sufficient in the “current” version are often exposed as inadequate. It can take months or even years for PCI to “catch up,” and bad actors are well aware of its limitations.

The best protection is knowledge. At Hostdedi, we have team members that specialize in web security who stay well-versed in the newest threats, breaches, and countermeasures. Many merchants may be reluctant to enlist the services of a security expert. At the very least, we recommend subscribing to security notifications for your ecommerce application and following at least one credible web security news source. Both sources react much faster than the PCI, and following them will help you “spot the smoke” before it becomes a fire. 

We’re on the List!

Don’t forget, we’re “On the List” of PCI compliant providers officially recognized by the Visa Global Registry. That means we’ve shown a continued commitment to reviewing and improving our security policies to match and exceed PCI compliance requirements. If you’re looking for a PCI compliant provider, hosting with Hostdedi means you’re hosting with an approved and recognized provider. Learn more about the PCI compliant hosting with Hostdedi. 

For guidance with PCI compliance, contact our sales team between 9 a.m.–5 p.m. eastern time, Monday to Friday.  

Source link

Installing BigCommerce for WordPress, Step by Step

Installing BigCommerce for WordPress, Step by Step

In this post we’re going to go through installing the BigCommerce for WordPress plugin, starting with a mostly empty WordPress install. But before we begin, I want to briefly note that if you’re new to Hostdedi and/or want to add a BigCommerce for WordPress retail plan to your existing Hostdedi hosting account, you can do so by visiting this page, selecting a plan and auto-installing BigCommerce for WordPress in one click. For those who need an enterprise-level solution, you’ll follow the steps outlined in this blog to manually install.

The BigCommerce for WordPress plugin is available on WordPress.org, like most plugins. This makes it easy to install, right from within the WordPress admin interface.

Start by logging into WordPress and in the left admin menu, choose Plugins ➞ Add New.

Easy to install bigcommerce from the plugin directory

 

Then in the top right search area search for BigCommerce. When the results appear, click on Install Now on the BigCommerce plugin.

Once it’s installed you’ll need to activate it.

To get started just click activate

As soon as the plugin is activated it will take you to an Onboarding Wizard to help you configure it properly. Your first step will be to either connect your WordPress site to an existing BigCommerce store or create a new BigCommerce store from right within WordPress.

The BigCommerce onboarding wizard starts automatically

For this post we’ll choose Create New Account.

BigCommerce just needs a few details to create your store

The form is longer than what you see in the screenshot, but it asks for normal contact information like address, city, state, zip, phone, etc.

When creating a new account like this it’s creating a free 15-day trial. If you decide you don’t like it, you can simply let it expire. If you decide you’d like to sign up for BigCommerce you may do that in your Account page in the BigCommerce admin area.

and set up a channel

Once you’ve created an account you’ll need to make a Channel.  Channels in BigCommerce allow you to specify what products appear in what storefront.  For example, Amazon can be a channel, and you can say “These products appear in Amazon”.

With WordPress, each WordPress instance in a channel, so you can show certain products on one WordPress site, and other products on another WordPress site.

Of course if you wish you may show all products on your WordPress site, but this Channel we’re making is the method by which that happens.

As shown in the screenshot above you may choose to have all products immediately imported or have none so that you may go back later and specifically choose which products get imported.

then select how to want to use the bigcommerce plugin

The next option is to choose a Full Featured Store or set up a Blogging store. If you choose Simple Blogging then it will skip helping you set up a Navigation Menu and disable the Cart and the Embedded Checkout. So customers will click to Buy a product and it will send them to the BigCommerce store. If you choose this and change your mind it’s easy to switch back later.

For this post we’re going to choose Full Featured Store.

Once you’ve chosen Full Featured Store, the next step is to optionally set up a WordPress Navigation Menu. Checkboxes are provided for all of the pages that BigCommerce creates during this install, including Product Listing Pages, Brand Pages, Category Pages, Shopping Cart, Checkout, etc. You can also choose a Menu Location, exactly like in the default WordPress menu builder.

After you complete the Navigation configuration you’re essentially done with setting up WordPress.  If you wish you can go into BigCommerce ➞ Settings and make some changes, but that’s not required.

The final page of the Setup Wizard offers some links to finish setting up your store, and these must be done before your store will function properly.  These things include setting up your payment gateway, taxes, and shipping.

Once these last admin things have been set up you’re ready to sell!

Learn more about the BC4WP plugin with Hostdedi here.

Source link

The 2019 Black Friday Ecommerce Prep Guide

The 2019 Black Friday Ecommerce Prep Guide

Every year, on the fourth Friday of November, shopping chaos unfolds.

Stores cut their prices, customers flock to their nearest outlets, and deals are had by everyone.

But not anymore. Thanks to ecommerce, customers no longer have to leave the comfort of their home to take part in Black Friday. Keeping an eye on advertisements and pre-event newsletters, customers can easily turn on their laptop, click add to cart, and checkout as soon as the clock strikes twelve.

For customers, this is great. For merchants, it means competition has only gotten more fierce (if you thought that possible). It’s no longer just about having the best deals; it’s about having the best visibility. 

Why Black Friday Matters

Black Friday is the busiest shopping day of the year, with American shoppers spending a record $5 billion in 2017. In 2018, this number then grew by 19%, with over 14.8 million online transactions recorded. With so much money up for grabs, Black Friday can be one of the most profitable days of the year for some businesses. In some cases, it even defines a stores annual profit. 

In the jewelry industry, for example, Black Friday can account for 40% of a business’s annual revenue. With such a large percentage from only a single day, these merchants are often forced to ensure their Black Friday campaigns do better year-over-year. The alternative is something many can’t think about. 

Hopefully, your sales are not so dependent on Black Friday. However, there’s still a lot of money available to those savvy enough to take advantage of the digital opportunities available to merchants. 

But with more demand and more customers, the chance of something going wrong only increases. If you want to be successful this Black Friday, you can’t treat it like any other sales day, or even any other sales event. 

Black Friday Ecommerce Statistics

According to NRF, shoppers who took part both online and in-store were up 40% from 2017, with multi-channel shoppers outspending single-channel shoppers by $93. This year, ecommerce merchants can expect to see another huge increase in online shoppers, following on from 2018’s substantial growth.

With Black Friday now online, shoppers no longer have to venture outside to chaotic shopping centers and can instead make their purchases from the comfort of their sofa. 

This is despite in-store shoppers declining by roughly 1%, and 44% of consumers saying they would shop online in 2017 vs just 42% in 2018. 

Industry Ecommerce Benchmarks for Black Friday

Prior to the 2018 Black Friday event, Blackfriday.com questioned their users on what they planned to look for in the sales. 

Industry Breakdown of Black Friday Ecommerce Interest

Clothing took top spot, with 23% of consumers aiming to score a good deal on fashion items. This was quickly followed by tech, with 22% of consumers looking for their next gadget. 

Towards the bottom of the pile was travel. With it being less of an impulse buy, just 9% of consumers aimed to find some travel deals for the coming year.

If you’re a clothes or tech merchants, Black Friday and Cyber Monday are going to be the days you want to get ready for. 

Getting Your Site Ready for Black Friday

Getting ready for Black Friday means getting ready for more than just the products you’re going to sell. Expect to see:

  • An increase in traffic
  • An increase in server strain
  • An increase in the potential for things to go wrong

We’ve seen it all too many times. Merchants who wait until the last second to address these potential pitfalls, and as a result: they fall. 

Getting yourself ready for Black Friday doesn’t have to be complicated, and it doesn’t have to be a lengthy process. But it will mean that you’re able to maximize ROI from the event, and secure your place among the Black Friday customer go-tos for years to come. 

Get Started Early

The earlier you start targeting Black Friday shoppers, the better results you’re going to have. Getting started early means ramping up everything from prep work to marketing strategy. 

Some merchants start their Black Friday marketing efforts as early as October, with others beginning to ramp up marketing in early September. 

When considering how early you will begin your marketing strategy, take a step back and analyze these factors.

 

  • Budget: How much do you have to spend on Black Friday marketing? Where should that budget be spent? Will you increase adwords spend, ramp up email products, or instead focus on more traditional print-media?
  • Resources: November is a resource-intensive time. Christmas is just around the corner, and depending on where you’re located, Singles Day is just a few short weeks ahead of Black Friday. Calculating ROI on resource spend is going to make a huge difference. You don’t want to run out of money before Black Friday has even started. 
  • Potential: While it would be great if we all had unlimited products and opportunities, that’s more often not the case. Perhaps you’re limited in terms of stock or fulfillment processes. The less potential for your Black Friday campaign, the less time should be dedicated to it. 

 

Once you’ve drawn a clear picture of these areas, it’s a good idea to outline the different channels and audiences your aiming to target and assign any associated dates. 

Getting Your Ecommerce Site (and hosting) Ready for Black Friday

If you’re running a Black Friday sale, that means you can all but guarantee an influx of traffic. That means more opportunities for something to go wrong. Don’t let it be your hosting platform. 

As the foundation of your site, hosting problems can mean slow user experiences, broken page elements, and, in the most extreme cases, site-wide outages. Luckily, there are specific steps you can take to ensure a smooth Black Friday experience for your customers and keep those conversions rolling in. 

What’s Your Limit?

How much can your hosting actually take? 

Every hosting package you purchase will have its limits. If your site is seeing more visitors than those limits can handle, then your site won’t crash. Instead, it will slow to a crawl, queuing page load requests until it eventually becomes long enough for the dreaded timeout. 

If you’re already seeing traffic hover around your limit, it’s definitely worth upgrading your hosting to the next level. If you’re running on the Hostdedi Cloud, you can also enable auto scaling in your Client Portal. Just a flick of a button and you’ll be set for any unexpected (or expected) traffic spikes. 

Prepare for International Sales

International sales can add a whole new level of complexity to a store. For the merchant, alternate payment options, different order fulfillment choices, and tweaks to content are only the start. On top of those, delivering digital assets to countries halfway around the world presents its own problem. 

Yes, digital transfer speeds are fast, but running your website through cables located under the Atlantic is going to lead to some lag, especially if demand is high (like on Black Friday). How can you solve this?

For most stores looking to serve international customers, purchasing a CDN add-on for their store will allow static assets such as images to be held in server locations around the world. This way, regardless of where your customers are coming from, they’re going to be able to access high-bandwidth assets from a local location. That means faster load times and more conversions. 

Check in with Our Support Techs… Why Not?

Our philosophy is that it’s always worth exploring every avenue available to you, to see if there’s something you’ve been missing. That’s why we recommend all of our clients expecting an influx of traffic during Black Friday to check in and see if there’s anything we can do to help.

There may not be. Perhaps you’ve already prepared your store for any eventuality. But what if you’ve missed something and it ends up coming back to haunt you? We’ll often reach out to clients we expect to encounter a problem, so keep an eye on your inbox. Or, start the conversation yourself. 

At the very least, it’s worth letting the team here know that you’re planning to run a sale over those dates, that way our team can take extra steps to keep an eye on your hosting platform and how it’s performing. 

Black Friday Ecommerce Strategy

Start Marketing Early

Any good Black Friday ecommerce strategy means ramping up interest before Black Friday actually begins. After all, some customers spend weeks looking for deals they’re going to jump on during the sales. 

Getting started early means promoting your company’s email newsletter through organic and paid channels. This will give you a lot of leads to follow up with once your really start marketing your discounts. 

The earlier you start marketing your Black Friday discounts, the more customers are going to come knocking on the big day.

Start promotions with enticing statements about how your sales event is unique. Statements like “Over 80% off this Black Friday, sign up to stay ahead of the curve” work well to draw in subscriptions, especially when they’re paired with tantalizing artwork. 

Get Creating Niche Gift Guides

You’ve got awesome products so why not let them market themselves? Your Black Friday marketing strategy doesn’t have to only be about target Black Friday shoppers. There’s a whole internet of customers you have access to. 

This means creating marketing material that will draw in those interested in your niche, but not Black Friday. 

Gift guides are a great way to target long tail ecommerce SEO keywords. They not only target Black Friday Shoppers, but everyone looking for your products. 

One of the best ways to do this is by creating a gift guide that suits your target audience. If you sell shoes, how about creating the ultimate gift guide to Men’s Fashion in 2019? If you sell hats, do the same thing. If you have a larger product range, make your gift guide broader. The possibilities are limitless. 

Prepare Upsells and Cross-sells

With the average person spending $289.19 during Black Friday in 2018, it’s the perfect opportunity to push upsells and cross-sells. This may be grouping items for an improved discount, or providing recommendations for related products during checkout. 

Just remember, a good upsell and cross-sell strategy revolves around providing your buyer value. Don’t just indiscriminately group items together, think of how grouping multiple items provides buyers with a benefit. 

For example, if you’re selling shoes, shoe care products are a great upsell. They can potentially increase the longevity of a product, fitting perfectly within the buyer narrative of saving money. 

If you’re selling a specific type of gift, think about other products that complement it. The more you think about and push the narrative of buyer benefit, the more you’re going to be successful here. 

Prepare Your Email Strategy

Did you know that 25% of Black Friday sales start with an email? At least, that’s what Custora says

That means you should be jumping on the email bandwagon if you want to maximize ROI. But how?

Great email campaigns start with two things: timing and subject lines. 

If you haven’t already, begin testing what times are best for sending emails to your customers. Which days of the week work best and when are they going to check their inbox? 

If you spend 1 hour creating the perfect email, spend 2 crafting the subject line. 

Then work on your subject lines. These sentences should be the core of your content. If you spend 1 hour creating the perfect email content, spend 2 crafting the subject line. The subject line will encourage opens, click-throughs, and sales. 

Learn how to tailor your emails to the customers with our guide to email personalization

Go Beyond Black Friday

There are four days of shopping to be had around Black Friday: not just Black Friday itself. Make sure to target each of these days individually.

Then, think about how your Black Friday marketing strategy can continue to bring sales in even after the sales event is over. Use it as an opportunity to increase reach, and audience knowledge of your brand. 

Don’t Shrug Off Black Friday in 2019

We’ve seen it all too often: merchants not preparing their stores for Black Friday and then suffering from site slowdowns and outages. Don’t let that be you. 

Talking to a sales rep to ensure you’re ready is one of the most crucial steps merchants can make in the run up to November 29th this year.

Interested in learning more about how Hostdedi solutions can benefit you? See some more benefits we’re offering merchants this year and get 75% off of new services or upgrades with code HolidayPrep19.

Source link

How Hostdedi Helps Your Store Stay PCI-Compliant

How Hostdedi Helps Your Store Stay PCI-Compliant

Having a PCI-compliant store requires the sustained efforts of both yourself and your hosting provider. Although there are no shortcuts, choosing a credible web hosting provider is an effective place to start. Even so, most PCI requirements can only be met by you, the merchant. Read on to learn more about the dividing line between host and merchant, and why it can be worthwhile to go beyond PCI for your customers.

 

What Is PCI?

nexcess locked safeIn ecommerce, PCI is shorthand for Payment Card Industry Data Security Standards (PCI DSS). Created in 2004, PCI DSS aim to help protect consumers and prevent credit card fraud. It is required for any organization that receives, processes, or stores credit card data of any of the five members of the PCI Security Council: VISA, MasterCard, American Express, Discover, and JCB.

The list of requirements is extensive, to put it mildly. The requirements span six categories, and each category is divided into several hundred specific requirements. Some fall exclusively under the domain of either merchants or hosting providers, while some extend to both. PCI compliance is also not a one-time requirement, as the Security Council makes periodic adjustments to address new threats to consumers.

Compliance is not a “one-and-done” event. It requires daily, weekly, monthly, and annual tasks to maintain compliance. There are 12 general requirements divided among six categories. For illustrative purposes, we’ve listed these same categories, but also included more specific requirements from within PCI DSS. 

6 Key Categories for PCI Compliance

Build and maintain a secure network. Install and maintain a firewall. Use unique, high-security passwords with special care to replace default passwords.

Protect cardholder data. Whenever possible, do not store cardholder data. If there is a business need to store cardholder data, then you must protect this data. Encrypt any data passed across public networks, including data passed between your shopping cart, your Web-hosting provider, and your customers.

Maintain a vulnerability management program. Use antivirus software and keep it up to date. Develop and maintain secure operating systems and payment applications. Ensure your antivirus software applications are compliant with your chosen card companies.

Implement strong access control measures. Access to cardholder data, both electronic and physical, should be on a need-to-know basis. Ensure those people with electronic access have a unique ID and password. Do not allow people to share login credentials. Educate yourself and your employees on data security, and specifically the PCI Data Security Standard (DSS).

Regularly monitor and test networks. Track and monitor all access to networks and cardholder data. Maintain a regular testing schedule for security systems and processes, including: firewalls, patches, web servers, email servers, and antivirus.

Maintain an information security policy. Establish a clear and thorough organizational data security policy. Disseminate and update this policy regularly.

PCI non-compliance can result in fines ranging between $5000—$100,000 per month, depending on the size of the offending organization, its severity, and other factors. Non-compliance can also result in legal action, security breaches, and lost revenue.

PCI Requirements for Hosting Providers 

nexcess monitoringIt is virtually impossible for the typical merchant to be PCI compliant without enlisting the services of a compliant hosting provider. Merchants that host their own websites must meet hosting provider requirements in addition to meeting those for merchants. Such a model works for massive enterprises like Amazon and WalMart, but few others. 

Following are some of the highlights of our systems and policies that uphold our status as a PCI-compliant hosting provider. The term “cardholder data environment” refers to any system that stores, processes, or transmits credit card data as well as any system that has access to cardholder data environment itself.

We maintain a web application firewall (WAF), which monitors all connections between the cardholder data environment and other networks. ModSec prohibits public access to sensitive areas, identifies untrusted connections, and hides IP addresses and routing information from unauthorized parties. 

We apply industry-accepted configuration standards for all system components that address all known security vulnerabilities. This extends to our internal and external network, our operating systems, and hardware required to host web services.

We apply cryptography and security protocols that encrypt and protect cardholder data even when transmitted across public networks. SSL certificates and other trusted security keys are unilaterally enforced. Only modern TLS ciphers are permitted.

We restrict physical access to our data center with 24-hour security policies and a team trained to implement them. This includes, but is not limited to:

  • Video surveillance with 90-day footage history
  • Secured entry with at least two-factor authentication (PIN, access card) in most areas, and three-factor authentication (PIN, access card, thumbprint) in areas housing the cardholder data environment
  • Visible identification on all team members
  • Visitor policy that prevents unauthorized public access; authorized external individuals have access only to required areas and are escorted at all times 
  • Team members are given access to the cardholder data environment only if their role requires it
  • Restricted access to network jacks, wireless access points, gateways, networks, and other lines of communication

We track and monitor access to network resources and cardholder data, though it falls to clients to maintain logs and monitor logins for their own applications (Magento, WordPress, and so on).  

We regularly test our security systems and processes, and perform internal penetration testing at regular intervals as well as after any significant infrastructure upgrade. 

PCI Requirements for Merchants

Secure store with HostdediProperly implemented, PCI compliance helps merchants adhere to commonly accepted best practices of data security. Hosting with a PCI-compliant provider is a solid first step, but becoming compliant still requires action on your partt.

If your store accepts credit cards as payment, it must be PCI-compliant whether you store that data or not. Choosing a PCI-compliant web host is only the first step. Most credible web hosts can provide merchants with materials outlining their respective responsibilities upon request, but ultimately it is on merchants to understand and meet these requirements. 

Regrettably, there is no “one size fits all” checklist. Your specific responsibilities will vary according to your merchant level (1–4, with 1 being the highest), which is generally determined by the number of credit card transactions your store processes annually. 

The general process for most merchants is:

  1. Identify, understand, and implement the appropriate PCI DSS requirements. 
  2. Complete a Self Assessment Questionnaire (SAQ). The SAQ is a checklist outlining the requirements. Depending on your level, some or all of them will apply to you. Level 1 merchants have the most requirements; level 4, the least.
    Resist the temptation to simply “check every box” in the SAQ. Doing so endangers your customers and exposes your business to liability. The PCI stands to lose money from breaches, and in response may investigate your SAQ and AOC.
  3. Submit to a quarterly scan by an Approved Scanning Vendor (ASV), an independent, qualified authority that performs external vulnerability scans on your systems. 
  4. Complete the Attestation of Compliance (AOC), a document asserting that you are both eligible to perform and have in fact performed the SAQ to the best of your ability.
  5. If classified as a level 1 merchant, you must take additional steps, including an on-site assessment. 

If climbing the considerable hurdle of PCI compliance doesn’t appeal to you, you’re not alone. Your hosting provider can answer questions related to overlapping responsibility, and third party Qualified Security Assessors (QSAs) can help businesses run the PCI gauntlet (for a price). 

Even businesses offering only PayPal, Auth.net, and other payment services as payment options must be PCI-compliant because those businesses must still transmit credit card data.

One universal component is the need to confirm that all of your service providers are PCI-compliant. This includes your hosting provider, but also extends to payment processors, payment gateways, POS providers, and any other entities that touch your customers’ cardholder data. 

Some PCI Essentials for Merchants

  • Maintain PCI compliance. Compliance requires ongoing awareness and daily application. Tasks range between daily and annual, but all are recurring.
  • Don’t just check “Yes” to every question in the SAQ. Due diligence protects your business and your customers.
  • Know your code, or use a developer that does. Implement best practices of deployment using staging and dev sites without exception.
  • Establish a secure password policy. Use complex, unique passwords and never allow your staff to share login credentials or use default passwords.
  • Enable two-factor authentication for all of your internal users, and consider providing it as an option for customers logging in to your site.
  • Use a web application firewall (WAF). At Hostdedi, we provide one for all clients and it’s enabled by default.
  • Don’t just take your hosting provider’s word for it. Confirm they’re PCI-compliant and competent by asking for (and getting) their Attestation of Compliance (AOC).
  • Keep your applications and extensions current to the latest stable release, and actively monitor for new threats and versions.

Beyond PCI

If PCI compliance were enough, breaches of high-profile organizations would be far less common. Compliant should not mean complacent.

In reality, PCI compliance is “Cardholder Data Security 101.” It is the minimum acceptable standard and a reasonable introduction, but PCI is far from infallible. Credit card companies require compliance. Merchants adhering to PCI standards will be more effective at protecting consumers than businesses that just pay them lip service, but PCI compliance is only the first step. 

The very nature of PCI — a large, curated document updated only periodically — makes it vulnerable. Standards deemed sufficient in the “current” version are often exposed as inadequate. It can take months or even years for PCI to “catch up,” and bad actors are well aware of its limitations.

The best protection is knowledge. At Hostdedi, we have team members that specialize in web security who stay well-versed in the newest threats, breaches, and countermeasures. Many merchants may be reluctant to enlist the services of a security expert. At the very least, we recommend subscribing to security notifications for your ecommerce application and following at least one credible web security news source. Both sources react much faster than the PCI, and following them will help you “spot the smoke” before it becomes a fire. 

We’re on the List!

Don’t forget, we’re “On the List” of PCI compliant providers officially recognized by the Visa Global Registry. That means we’ve shown a continued commitment to reviewing and improving our security policies to match and exceed PCI compliance requirements. If you’re looking for a PCI compliant provider, hosting with Hostdedi means you’re hosting with an approved and recognized provider. Learn more about the PCI compliant hosting with Hostdedi. 

For guidance with PCI compliance, contact our sales team between 9 a.m.–5 p.m. eastern time, Monday to Friday.  

Source link

Magento Events in September 2019

Magento Events in September 2019

With Magento Live Europe just around the corner, we’re gearing up for one of the biggest Magento events of the year. Before we pack our bags and head to Europe though, there are a couple of other events that we’ve been excited about attending all year, and that you definitely shouldn’t miss out on. 

Since September is one of the busiest Magento event times of the year, we’ve brought together the events we’re planning to attend, so you can pick and mix based on where your favorite Magento hosting company are going to be. 

If you can’t make it, we’ll be publishing what we think the main Magento takeaways are from each event. So keep an eye on our blog post-event. 

What to Know Before You Go

Magento events have a lot of opportunities for merchants, developers, and everyone in between. In order to take the most away from these opportunities, it’s important to know what they are and where you’ll find them. 

Before launching into the events themselves, we want to make sure you know what you can expect from each of them. 

Sessions

All Magento events have sessions. They range from highly technical to more business orientated, and are probably your best source of information at a Magento event. 

Before attending, take a look at the event’s website to see what sessions they have in place and which really speak to you and your needs. Try to manage a timetable where you can take advantage of all three things on this list, but prioritize the most important sessions. After all, you’re probably attending a Magento event to learn.

Sponsors

Sponsors are a big part of the Magento community, and almost every event has at least a handful of them. They’re great to talk to because they can potentially provide you with some awesome ideas for how to improve your Magento store. 

They’re also a really good source for keeping a pulse on the Magento community. Most of the time they know what’s happening, who’s who, and what the latest developments have been. Why not go over and ask they about their Magento experiences, if nothing else. 

We’ll be sponsoring several of the events below and will have our own booth. Come and talk to the team to learn more about how we’re a cloud company that has been with Magento since the start and will continue to support Magento merchants no matter what. 

Networking Events

We know, after a long day of listening to sessions and speaking to sponsors, you probably just want to go home. But wait, there’s still more!

Networking events often take place around Magento events. They offer a good place to meet fellow merchants and developers, and continue that conversation with that one sponsor. 

We suggest making an appearance and talking to a handful of people, at least. The Magento community is really helpful and supportive of newcomers and existing faces alike. 

These events also tend to come with free food and drink as well!

 

Meet Magento New York will take place September 5-6

Meet Magento NYC 2019

September 5-6, 2019

https://meetmagento.nyc/

Why Attend?

Meet Magento New York is the only Meet Magento event in the US. It provides existing and new Magento merchants with a space for meeting and discussing developments in ecommerce. 

It’s also a great chance to meet some Magento sponsors, discuss best practices, and just become a part of the community. 

This year, our very own VP, Josh Ward, will be discussing what Magento 1 merchants can do after the End of Life in June 2020. We’ll take a look at what you need to be paying attention to, how it’s going to affect the Magento community, and why even Magento 2 merchants should be keeping an eye out.

Interested in catching up on what happened last year? Fill out this form for access to all of the videos and presentations from 2018.

 

Mage X Austin will take place September 13-14

Mage X Austin

September 13-14, 2019

https://www.magex.us/

Why Attend?

Mage X events are the place to be if you’re looking to learn more about the application that underlies your ecommerce solution. As a space of learning, Mage X events tend to offer diverse sessions on business and technical topics. You’ll walk away from this knowing a lot more about Magento than you did coming in. 

Don’t forget to take advantage of everything on show this year, including a focus on PWA and Headless. Learn more about what it means to code headless or PWA stores, and how they benefit a variety of business models. 

This year, our very own Magento Master, Miguel Balparda, will be leading a panel about Community Engineering. Here he’ll talk about what it means to be a maintainer, and how you can contribute to an Open Source project too. 

 

 

Meet Magento Poland will take place 16-17 September

Meet Magento Poland

September 16-17 , 2019

https://meetmagento.pl/en

Why Attend?

Meet Magento Poland has been going since 2012, and every year the number of attendees only grows.

Just like any other Meet Magento session, Poland offers a perfect opportunity to learn more about Magento and meet interesting people involved in creating the ecommerce platform. 

Make sure to join in with the Q&A sessions and ask any questions you have. Also don’t miss out on talking to the Magento representatives onsite. With over 600 attendees expected to be present, it may seem like a busy event but it’s also very personable. 

This year, we’re going to be attending, so keep your eyes out for Hostdedi team members walking the floor and joining you in the sessions. Don’t be shy, come and say hi!

 

Catch Us Around the World

Interested in knowing what events we’ll be attending in the future? Check out our events page and stay up to date. You can also catch us on social media, either through our Facebook, Twitter, or LinkedIn accounts. Keep an eye on our timelines and we’ll let you know when our next event is. 

Source link

WooCommerce Is The Ideal Solution For B2B Sales

WooCommerce Is The Ideal Solution For B2B Sales



WooCommerce has gained massive popularity in the B2C eCommerce market, but it is also an excellent choice for businesses that sell primarily to other businesses.
Compared to consumer eCommerce, B2B eCommerce developed along a different path because it was subject to different pressures. B2B buyers expect more interaction with salespeople, buyers spend more and more products are bought at the same time, and B2B buyers, especially in larger corporations, have requirements that consumers do not. In consequence, B2B eCommerce was slow to take off and was often built on “enterprise” eCommerce solutions with a hefty price tag.
But, in recent years, B2B sellers have adopted many of the lessons learned by their colleagues in the B2C space. Millennial buyers, when appointed to buying roles within their business, expect the same convenience and customer-focused approach from B2B as B2C. The rise of B2B eCommerce makes comparing and assessing suppliers easier than ever before. The double pressures of a fluid market and greater expectations have influenced B2B sellers to up their game.
As Michael Del Gigante puts it, “With so much of their bottom line on the line, B2B e-commerce companies need to start evolving their businesses by reorganizing their websites to serve their business clients as consumers.”

B2B with WooCommerce?

One of the ways B2B eCommerce users can adapt to B2C-shaped expectations is through the tools evolved to serve the needs of consumer-focused eCommerce businesses. Estimates vary, but about a quarter of the eCommerce sites on the web use WooCommerce, and, although primarily designed to serve the needs of B2C retailers, WooCommerce can easily be made into a powerful B2B sales platform.
But what does it take to turn WooCommerce into the ideal B2B eCommerce application? Not a lot. Out of the box, WooCommerce is secure, reliable, and battle-tested. It is capable of supporting many thousands of products and product variants. Its category and tag hierarchies allow for complex custom catalogs. It is free but so popular that support is widely available. If vendor support concerns cause hesitation with WooCommerce adoption, you needn’t worry. Many businesses exist to provide that support.

Bringing B2B Features To WooCommerce

WooCommerce lacks some features that are necessary for B2B and wholesale selling, but they are available as free or paid extensions. As a WordPress plugin, WooCommerce benefits from both WordPress’ massive plugin ecosystem and its own range of extensions.
Dynamic Pricing adds the ability to configure bulk discounts. It includes custom configurations for building finely graded pricing plans that can be applied according to volume purchased or to specific groups of buyers.
B2B sellers often need to restrict categories of products to groups of buyers. There are several WooCommerce extensions for restricting product access according to various criteria. With WooCommerce Protected Categories, sellers can password protect product groups according to category and lock-down product categories by role or user. The extension can be used to create private areas for individual clients and separate B2C and B2B or wholesale areas. The related WooCommerce Private Store can lock-down a store to create a members-only WooCommerce site.
WooCommerce, with the addition of a small number of plugins, is a robust and reliable B2B sales platform, capable of growing as your business grows and adapting to its changing needs.

Source link