When we talk about Magento security, the focus is often on securing the server and the eCommerce application itself. That makes sense because it is where most attacks are directed. Script injection, brute force, and remote code execution attacks are aimed squarely at the server. But there are other attack vectors to take into account, particularly endpoints.
eCommerce stores have a client-server architecture. The server is the application itself. Magento trusts authenticated clients, but these endpoints are not always trustworthy. A simple example of this problem is a logged-in mobile device. If an employee with an administrator account loses an insecure mobile device, whoever finds it may be able to access the store.
Endpoints can be used to circumvent even the best designed security strategies because they are trusted. In addition to ensuring that Magento is secure, everyone with admin permissions on a store or an SSH account on the server must follow endpoint security best practices.
Use two-factor authentication
Once a computing device — a laptop, perhaps — is stolen, it is best to assume that the thief has access to every password stored on it. Two-factor authentication, provided by an extension like Sentry, will stop an attacker who only has access to the password.
Secure endpoint devices
Modern devices and operating systems provide strong security and authentication systems. The MacBook I am writing this article on uses full-disk encryption and fingerprint authentication. Most mobile devices provide similar encryption and biometric authentication.
These security measures are only effective if they are used. Anyone with an admin account on a Magento store should take full advantage of their device’s built-in security.
Access your store over a VPN
A Virtual Private Network (VPN) encrypts information that moves between the endpoint device and a Magento store. This prevents a third-party from intercepting sensitive information with a man-in-the-middle attack.
A VPN is particularly important when site owners use insecure protocols such as FTP to transfer data to their server.
Remove unused accounts
Retailers often provide accounts for employees or freelancers so that they can work on the Magento store or its server. When the employee no longer needs access, the accounts should be deleted as soon as possible.
On a related note, if you do need to give access to a developer, designer, or other professional, create a new account for them. Don’t use the same account for more than one person. If everyone uses the same account, revoking access will be a huge headache.
Minimum necessary access
Give people the least access they need to get their work done. If they don’t need an administrator account, don’t provide one. If a developer doesn’t need access to your server’s root account, don’t let them have it. Magento includes powerful Access Control Lists so that store owners can specify which parts of a site an account can access. Familiarize yourself with how ACLs work and use them to restrict the access of account holders.
Endpoint security is too often neglected, but Magento store owners should be aware of the risks and what they can do to keep their store safe.
When you opened your eCommerce store, where did you see yourself in five years? As a small and consistent merchant providing an excellent, personal service, or a global supplier of high-quality products?
For many merchants, the goal is sales growth. Achieving this is a mix of reputation, product, and service. Unfortunately, you can’t control any of these things 100%, but you can proactively keep them in check by paying attention to some of the main eCommerce issues buyer’s encounter. this may include:
Slow loading pages
Hard to find products
An unintuitive use experience (UX)
Before we take a look at how to keep these things in check, let’s see how your store’s conversion rate compares to the competition.
What Constitutes an eCommerce Success?
For the purposes of this article, eCommerce success can be measured by conversions. A conversion is when someone completes a goal you have set. For eCommerce stores (and the purposes of this article), this is typically a sale.
Taking a look at historical data, eCommerce conversion rates have actually decreased in 2018. In Q4 2018, the average rate across all industries in the US was 2.96%. That means that 2.96% of visitors to the average eCommerce store would make a purchase. In Q2 2018, that number was 2.63%. A small, but significant drop.
One report by ComScore suggests that increased concerns regarding security, a lack of easily accessible information, inefficient UX, and hard to find products are some of the main reasons for this decline. Other sources suggest that a shift in the market has lead to this change.
Looking at conversion rates across industries, the difference is stark. Arts and Crafts, for instance, manages to a conversion rate nearing 4.0%, while the Baby and Child sector remains below 1.0%. Before deciding how much your store needs to improve, check the average conversion rate in your industry. If you feel your number is still too low, continue reading.
1. Increase Conversion Speed
Speed is king in the world of eCommerce. Multiple studies have confirmed slow loading eCommerce stores have lower conversion rates.
A 1-second page delay results in:
16% less customer satisfaction
11% fewer page views
7% conversion decrease
What can you do to avoid this?
Check Your Hosting
The first step is to check your hosting. If you’re an eCommerce store, you don’t want to opt for the cheapest provider. You should be looking for performance and support, not a low monthly fee.
There are two primary periods of concern you should prepare for: traffic spikes, and downtime
Traffic spikes can easily be managed in modern hosting with an auto scaling feature. True auto scaling allows for an automatic increase to site capacity when it’s required. This is perfect for sales events or when one of your products goes viral and saves you from having to upgrade your entire solution for an extended period of time.
Downtime can be more of a problem. Support is your solution. You’ll want a team that’s available 24/7/365 and with physical access to the data center your site is stored in. That means hosting with a provider that owns their own data center. This way, if something does happen to your eCommerce store, you’ll know that you’ll be back up and be converting potential buyers as soon as possible.
In addition to the points above, your hosting solution should be optimized for your application; especially if you’re running the caching heavy Magento. Check with your provider as to what is a good
Find out what questions you should be asking your hosting provider. Learn more.
Once you’ve checked that your hosting provider is optimized for eCommerce, the next step is to see if your server is bogged down with bloat.
Begin by removing all unnecessary plugins and extensions from your CMS.
If you’re using Magento, go to System -> Magento Connect -> Magento Connect Manager. Scroll through the list of installed extensions and select the ones you no longer need. On the drop-down menu, select uninstall and then click Commit Changes.
If you’re using WooCommerce with WordPress, head to your admin panel, then Plugins -> Installed Plugins. From here you’ll be able to see all the plugins you currently have installed and remove those you don’t need.
We recommend committing these changes to a dev site before doing so with a production environment. This allows you to see how they will affect your site from a buyer’s perspective.
Basic Website Optimization
There are optimizations non-specific to eCommerce but that will help to increase speed and keep conversions up. These are simple website optimizations that anyone can do – regardless of whether they have any technical knowledge.
2. Plugins & Extensions
Modern CMSs know that the functionality required for different sites is, well, different. One store may be perfectly happy using what’s available by default, while the next needs an extra something. With plugins and extensions, that something can easily be found and added.
There are a number of plugins and extensions perfect for boosting conversions. We highly recommend looking into tools to:
Run A/B tests
Manage opt-in forms
Promote your content on social
Deliver high-quality, non-invasive Calls to Action
Before installing a new plugin or extension, ask yourself: Will it boost conversions? If that answer to that question is yes or maybe, install away. If it’s no, find something else.
We’ve created our own Magento extension designed to increase load times in Magento. We’ve called it Turpentine and it works by improving the already efficient Varnish with noticeable improvements to the cache hit rate.
3. Optimize the Buyer’s Journey
As we looked at earlier, one of the main reasons for an industry-wide decline in conversion rate is hard to find products.
To combat this, you want to make it as easy as possible for a buyer to find what they are looking for. This means more than simply directing them to your sales page; it means placing them on a journey.
The buyer’s journey as a sales funnel.
A traditional buyer’s journey consists of three main stages:
Awareness – Aware of a need for something new
Consideration – Analyzing the different options available to them
Decision – Final purchasing decision (a conversion)
These stages are often embodied as a funnel. This funnel mimics how the number of people decreases as they journey down the funnel. No store has a 100% conversion rate.
A buyer’s journey is often unique and forcing a myriad of different audiences down only a handful of funnels will mean fewer sales and lower retention. As a store owner, it is important for you to manage these stages in accordance with the data you collect from successes and wins.
Yet creating content that keeps visitors engaged can be a tricky process. Where do you start? Here are three methods that we’ve seen work incredibly well in the modern digitally-driven buyer’s journey.
Create Stand Out Content
Create content that does more than just duplicate what the competition is doing. Try to find what type of content your audience wants. Look beyond the data if you have to.
Create Longtail Content
Perform a long tail keyword analysis to see where you should be directing some of your content and SEO efforts. Short tails are great for sales pages, but optimizing for long tails is the best way to target your audience – especially if they’re niche.
Nurture Leads With Personalized Outreach
Do more than just personalize the “To” field in emails. Reach out to your audience directly. Finding influencers and people who already do this effectively is a great shortcut. You can also optimize on-page content. Check out these WordPress AI and machine learning plugins for delivering personalized content at the right stage of the funnel.
4. Create a Story With Emotion
One of the most effective ways to optimize eCommerce conversions is to change the fundamental way in which you are selling your products.
Buyers want an experience when they buy from you, not just a list of technical specifications (most of the time). This directly addressed one of the reasons for a decline in conversions: a lack of interest in products.
Hubspot has created a really useful article on how to use emotion to sell. They’ve gone with six different emotions (to start). Depending on your audience and the product you’re trying to sell, you appeal to a different emotion.
For instance, if you’re working for a non-profit and trying to boost eCommerce conversions for a donations package, altruism is likely your best option (unless that donation package comes packed with chocolate). If you’re trying to increase conversions on the latest Mercedes though, you’re probably better off going to envy and a sense of keeping up with the Joneses.
All of this leads into our final method for optimizing eCommerce store conversions:
5. Test, Test, Test
Testing should be the bedrock of your conversion optimization strategy.
It’s unlikely you’re going to hit a jackpot every time. Even after years of working with the same audience and products, there are going to be times where your tests misfire or miss the mark. Trial and error let you refine your conversion strategy and improve.
There is always room for improvement, regardless of how well you’re already doing.
Like any complex piece of software, Magento requires a bit of maintenance every now and again. As your store evolves and your business grows, new products and customer accounts are created and deleted, extensions and themes are installed or modified, and the general day-to-day operations of the store leave their mark.
Diligently maintaining your store will ensure that it remains secure, fast, and reliable as the years go by. In this article, I’m going to focus on five of the most common tasks that Magento store owners should add to their to-do lists.
Applying Security Patches
The Magento teams regularly release security patches that fix vulnerabilities in the software. The patches are released shortly after vulnerabilities are discovered by Magento’s developers or security professionals. If you don’t install patches soon after they are released, your store may be vulnerable to attacks by criminals and to data theft.
404 is the HTTP response code that web servers send to browsers when they can’t find the requested resources. Over time, you will move or delete product and content pages from your Magento store. If you aren’t careful, links from other pages on your store will be broken, resulting in 404 errors when shoppers try to visit them.
404 errors create a poor user experience and too many can have a negative impact on a store’s standing in search results. It’s a good idea to regularly use a tool like Screaming Frog’s Broken Link Checker to find and fix any 404 errors on your store.
Magento logs information about what happens on a store in the database, including customer activity, orders, visits, and more. That information can be very useful, but the logs grow over time and can take up a lot of space and degrade database performance.
Magento can automatically remove stale logs, but this capability is turned off by default. If you want Magento to automatically clean its logs, find out how to turn on log cleaning in our guide to Magento database maintenance.
If your Magento store is compromised by bad actors or damaged by human error, it is easy to restore it from a backup. But if you don’t back up, incidents of this sort can be catastrophic.
Magento 2 has a built-in backup system that you will find in the dashboard under System -> Tools -> Backups. You can choose to backup the whole store with “System Backup”, the database and media, or just the database.
It is a good idea to perform regular system backups and to move the resulting files off your Magento server to a safe location.
Flushing The Image Cache
Magento caches product images in a dedicated cache. The Catalog Image Cache can sometimes become very large over time as new products are added and old products are deleted. Flushing the cache (removing the images) can free a large amount of disk space.
You will find the cache controls in the Magento 2 admin menu under System -> Cache Management. At the bottom of the Cache Management page is a button that will flush the Catalog Image Cache.
If you choose to flush the Catalog Image Cache in this way, there is likely to be a performance impact as Magento regenerates the cache of existing product images. You may prefer to only remove older cached images with a command such as this:
As always, make sure you understand exactly what this command does before running it.
With regular maintenance, your Magento store will remain fast, secure, and reliable as your eCommerce business grows. Don’t forget, our expert Magento support team is on-duty round-the-clock to answer your questions.
The Magento eCommerce application is at the center of a vibrant ecosystem of retailers, developers, designers, conferences, and Magento hosting providers. Like all ecosystems, Magento evolves, and it can be difficult for newcomers to the world of eCommerce to get to grips with its constituent parts and the role they play in building a successful eCommerce business.
In this article, we’re going to explain some of the terminology new eCommerce merchants need to understand before embarking on their journey with Magento.
First things first, what is Magento?
Magento is a powerful eCommerce application built on open source technology. It’s used by retailers ranging from solo entrepreneurs to big-name eCommerce merchants like Ford, Wrangler, Silent Night, Harvey Nichols, Paul Smith, and Christian Louboutin.
Magento was initially released in March 2008 and has since grown to incredible proportions. There have been two main iterations of the application (Magento 1 and Magento 2).
One of the main reasons why eCommerce developers love Magento is due to its customizability and ability to scale as a business grows. A huge number of plugins and extensions are available for store developers, and custom functionality can be included with help from a Magento developer.
The heart of the Magento ecosystem is an open source community of developers. The community is maintained by the Magento company. Magento Commerce is that company’s commercial offering, and includes support and additional features for enterprise retailers. This includes dedicated Magento account management.
Originally released in 2016, the self-hosted version of Magento Commerce was previously known as Magento Enterprise Edition. It has since grown to become a staple in the Magento community with bigger eCommerce businesses looking for more functionality looking for greater complexity and with a larger global presence.
If you’re a larger eCommerce business, Magento Commerce is likely the best option for your business.
Magento Open Source is a free version of Magento that includes many of the same features as Magento Commerce. Until recently, Magento Open Source was known as Magento Community Edition.
Magento commerce was originally released in 2007 as a public beta. The full version was released in 2008. Because Magento Open Source is open source, developers are not locked into the software they are provided. It is possible to make changes to the application and incorporates other technologies as well. This means that developers can craft Magento Open Source into something specific to their needs. Something developers aren’t as free with when it comes to Magento Commerce.
To use Magento Open Source, retailers can choose a Magento hosting provider, which will provide the servers, bandwidth, and support a retailer needs to build their store. This also allows for Magento store owners to focus on what’s important – their store – and leave background processes to someone else.
There are other differences between the Open Source and Commerce editions of Magento. Here a few more in more detail.
Responsive eCommerce website
Promotions Engine / Product & Catalog Management
Checkout, Payment, Shipping & Order Management
Site management (admin)
Bluefoot CMS in 2.2
Magento Order Management
Content Staging & Preview
OOTB B2B Functionality (in v2.2)
Magento is a complete eCommerce solution, but retailers can add extra functionality by installing extensions created by third-party developers. Magento extensions extend or enhance Magento’s existing features. Hostdedi has created several Magento extensions, including the popular Turpentine extension for Varnish integration, and Alarmbell, a Magento security extension.
There are hundreds of Magento extensions, both free and premium. Magento users should take care to only install extensions from reputable developers or marketplaces. If in doubt, head to the official Magento Marketplace, which we’ll discuss in a moment.
Magento themes are similar to extensions, except themes focus on the design of a site rather than on adding new functionality. Every Magento store uses a theme, and just like extensions, there are free themes, paid premium themes, and custom themes developed for specific retailers.
Magento Marketplace is an officially supported repository of both extensions and themes. Magento Marketplace thoroughly vets all extensions and themes it distributes, so you can be sure that everything you find on there is secure and useful.
Magento Marketplace isn’t the only trustworthy source of themes and extensions. Many reputable developers have their own sites and stores. However, if you’re unsure of the quality of a theme or extension, it’s good practice to check to see if it’s on the marketplace.
Finally, Magento hosting: every eCommerce store needs a hosting provider. The hosting provider takes care of the store’s connection to the internet, the server the Magento application and its database run on, and the support retailers need to provide a fast shopping experience to their users.
Hosting providers are of varying quality and Magento requires specific conditions to provide the best performance and reliability. Choosing a specialist Magento optimized hosting provider with great support is the best way to start your journey as an eCommerce retailer
Publishing audience-attracting content on an eCommerce store can be difficult. Product descriptions are essential but they aren’t the sort of content that attracts a loyal readership or brings people back time and time again. The importance of SEO value in generating organic reach means that it’s time to start integrating a WordPress blog with your Magento store. Content publishing is the present and the future of eCommerce and online retail, especially if you’re looking to attract new customers and retain existing buyers.
While it’s perfectly possible to blog within Magento using add-ons like the Aheadworks Blog extension, there are advantages to integrating a platform that has been built with content publication in mind. It’s also possible to turn WordPress into an eCommerce store, but Magento offers levels of flexibility and functionality that are difficult to replicate on a platform designed for content management.
If a retailer wants to maximize both the effectiveness of their content publishing efforts and the efficiency of their sales process, an integration that makes use of both WordPress and Magento is the optimal solution.
The best approach to WordPress/Magento integration depends on which is your primary platform. A WordPress site owner who wants to use Magento for selling products needs a solution with a different focus than a Magento user who wants to integrate a WordPress blog with an existing store. I’m going to look at how both use cases can be satisfied.
There’s some crossover here, so I’d advise you to take a look at the full range of functionality offered by the extensions I’ll be highlighting and make a decision that suits your particular needs.
The extension helps maintain a consistent brand identity by using the Magento store’s theme for the WordPress blog without requiring any modification of files on either the WordPress installation or Magento. Users can log-in to their WordPress blog from within the Magento dashboard.
One of the most important reasons for choosing to use WordPress rather than a native Magento blogging solution is the huge amount of extensions available for WordPress. Handily, the WordPress Magento Integration extension supports many of the most popular WordPress plugins, including Yoast’s SEO plugin and Disqus comments.
To begin, you’re going to need to download WordPress and extract it to the Magento root directory of your server. Once installed, the WordPress folder should be named “WordPress”, rename this to “wp”.
Note: If you’re doing this on a Hostdedi account, get in touch with the Hostdedi team and we’ll help you to manage this stage.
To check if it worked, type in your web address followed by “/wp/”. For example, http://www.mystore.com/wp/. This should take you to the WordPress installation page, which you should follow in standard WordPress fashion to get your blog set up.
When asked for database information, you have two options. You can either create a new WordPress specific database for storing your blog data, or you can link to your Magento database.
It is perfectly fine to use your existing Magento database due to WordPress and Magento data being separated by different tables. If you’re unsure about where to find your database, you can search MagentoRoot/app/etc/local.xml and find the information there.
At this point, the two applications have still not been linked. You are running a WordPress install and a Magento install at the same time.
Fishpig is 100% free and can be downloaded using the link above. You can install the module like any Magento module by using the Magento Connect Manager. Just make sure that you’ve disabled the Magento Cache and Compiler while you’re setting everything up. If you don’t errors will pop up!
Now that you’ve installed the module, head to your Magento Admin and along the top find WordPress -> Settings. Here you’ll find two sections that are going to require configuration.
Magento Database and Integration Settings
First, head to the database section. If you decided to set up Magento and WordPress using the same database, then make sure that you select yes. Below this, you’re going to need to enter the WordPress prefix. For the purposes of this guide, that is “wp_”
Next, scroll down to the Integration section. This is where the meat of your WordPress Magento connection is coming from.
First, in order to make sure that everything looks nice from a user experience perspective, you’re going to want to make sure that you’re selected yes next to “Integrated theme”.
Next, you’re going to set up the URL structure for your blog. You don’t have to type the whole URL in, just the part that directs to the WordPress blog. We’ve gone with “blog” (there’s nothing quite like tradition) but you can opt for whatever you want. Using the example above, your WordPress blog will be located at “www.mystore.com/blog/”.
Finally, you’re going to want to enter the path for to your actual WordPress install. If you’ve been following this guide to the letter, that should just be “wp”. Once you’ve done this, click “Save Config” and click out.
Configuring WordPress for Magento
In order to configure WordPress properly, you’re going to need to head to the general settings section. Here, you will be able to make changes to the URL structure of your WordPress blog and how it links to your Magento store.
The two most important sections are WordPress Address and Site Address. For WordPress address, you want to make sure that you have linked to the location of your WordPress install. This should probably remain as is. If you’re installed WordPress to the Magento root directory as directed above, this will be your website URL followed by /wp/.
Site Address should link to the URL structure you set up while enabling WordPress on Magento above. We’ve gone with the /blog/ directory, but it’s up to you how you set it up. Remember to include your Magento base URL before.
Once you’ve made sure that these things line up, hit “Save Changes” and you’re done. You now have a fully functional WordPress blog added to your Magento store. Congrats!
We’ve just returned from IRCE 2018. Between the marketplace and the sessions, there was a lot happening. eCommerce and marketing professionals from around the world were in attendance, and everyone seemed to have something to bring to the table.
However, throughout the show, we found that three things seemed to be present in almost all of the conversations going on.
Here are what we think were the three main takeaways from IRCE this year.
With huge marketplaces such as Amazon, speakers such as Seth Godin stated that “You will lose on price” if you try and compete there.
Instead, small companies should start to look at fringe groups that are likely to grow with time. Effectively building a business is about making change happen. It’s about taking something and increasing its value in the public consciousness.
This led Godin to prompt everyone to ask themselves two questions about their brand:
Who’s it for?
What’s it for?
Throughout IRCE, this theme found itself springing up time and time again.
The speech Institutionalize Innovation by Roe Macfarlane talked about how market segmentation required specific actions based on age, including the type of leader different groups are more inclined to follow.
Counter the Amazon Effect also talked about how it was important to innovate and inspire change in order to compete with the eCommerce giants of today. How did many people suggest this change and niche focus should come about? Personalization.
Godin’s second standout statement during his keynote was also repeated by speakers throughout IRCE 2018. The importance is not in marketing to a mainstream audience, but in appealing to those who are already a friend to your brand. These connections should be nurtured in a way that creates a “tribe” that follows one thing: you.
This tribe should be nurtured through personalization techniques.
Personalization 2.0: Making the Move to Individualization by Brendan Witcher talked about the ultimate destination of personalization techniques: individualization, not segmentation. He also went over how to make use of big data to do this (without becoming ‘creepy’).
We also saw David Blades of Jenson USA talk about the importance of user generated content in boosting sales. The community wants the brand to be about them, and what better way to make it about them than by having them generate the content.
With the first Magento Straight Talk during IRCE came conversations about machine learning and its place in eCommerce. For many businesses, the idea of machine learning has become something that is spoken about a lot but hasn’t shown enough value to be applied independently.
Anita Andrew’s talk inspired a different perspective, with stats on how effective machine learning has been for some huge brands. Target saw a 30% growth in revenue after applying machine learning techniques. Amazon saw a 55% increase in sales from personal recommendations, and USAA saw a 76% improvement in customer support contact and product offering fit.
Yet Anita did mention the issue with what she termed ‘dirty data’. Throughout the big data sessions, dirty data become a central point of interest. How do you take outliers and unpredictable variables and apply them to machine learning algorithms? Many of the IRCE speakers gave their own perspectives and approaches to cleaning for different purposes. Anita talked about cleaning data in order to boost product offerings. In Personalization 2.0, the focus was on how to clean data to truly individualize your brand. In the merchandising track, Carter Perez talked about how Machine learning could be used to improve product discovery.
Regardless of where you heard it, the message was clear: machine learning is the future and it’s here now.
Outside of the sessions, the marketplace was abuzz with activity. Many of those exhibiting at the show had something to offer that linked into the topics mentioned above.
Hostdedi met with several old, new, and future clients during the show and had a great time with all of them. We also went to go see the Cubs vs. Phillies game in Wrigleyville, with over 250 RSVPs to the rooftop event. We’ll leave you with the view we had and look forward to seeing you next time!
Jeff Bezos is the richest person who has ever lived, according to some sources. While that claim should be taken with a pinch of salt – Bill Gates was richer in real terms before he gave a big chunk of his wealth away – Bezos is certainly the richest person in the world today. That wealth is due to the enormous success of Amazon, and a big chunk of Amazon’s success is due to the stranglehold the company had over one-click purchases.
It would be silly to claim that one-click purchases were the most important factor in Amazon’s success, but we shouldn’t underestimate the difference in conversions and revenue between sites with one-click purchases and those that are required to make shoppers jump through hoops to buy. Experian have estimated that a single additional field on a check out form can cost an eCommerce company millions.
Once customers had become accustomed to one-click purchases, it was only a short hop to enhanced shopping experiences like Amazon’s Alexa, which can be used to make purchases by voice.
Last September, Amazon’s patent on one-click purchases expired. Any eCommerce store is free to implement one-click purchases, and Magento was fast off the blocks with the introduction of Instant Purchases.
Instant Purchases bring radically simplified checkouts to one of the most popular eCommerce platforms in the world, allowing tens of thousands of merchants to benefit from a user experience that was once the domain of a handful of eCommerce giants.
Magento Instant Purchases work like this: a shopper taps the “Instant Purchase” button on a store’s product page, confirms the order, and they’re done. A confirmation message appears and the shopper is free to carry on browsing.
To be able to use Instant Purchases, a shopper must be logged-in to their account, have selected a default billing and shipping method, and have a stored payment method.
A side benefit of Instant Purchases is that they encourage shoppers to create an account with all the necessary information, providing retailers with valuable data and increased opportunities for engagement.
Instant Purchases will also decrease cart abandonment rates. Carts are often abandoned before shoppers have completed the checkout process. With Instant Purchases, the decision is made on the spot. Shoppers are, of course, free to cancel any orders they make, but there’s a big difference between actively canceling an order that has already been made and deciding not to make the order in the first place.
Instant Purchases are worth exploration by any business that sells online. Shoppers have never enjoyed entering large amounts of information or plodding through multiple confirmation dialogues. Most want to be able to make a purchase within the context they made the decision to buy.
Fraud has always been a problem for online retailers, but since the introduction of more secure credit cards in the last few years, much offline retail fraud has moved online. Magento retailers can’t afford to ignore the ever-present risk of fraud, whether it’s the dedicated efforts of criminals gangs with stolen identities or the less predictable casual fraudster who orders products with every intention of initiating a chargeback and keeping the goods.
Fraud prevention is both time and labor intensive, especially for larger eCommerce stores. It’s challenging to check every one of thousands of orders for fraud. And, as I know from personal experience, it’s all too easy to generate false positives and lose a genuine sale.
Last year, I ordered some furniture from a well-known retailer and apparently triggered their internal fraud prevention system. The issue wasn’t handled well, and by the time my order had been freed from the dungeon of manual review, the products I wanted were out of stock.
It’s a hard balance to strike: too strict and false positives eat into profits, too lax and those profits go to fraudsters. eCommerce merchants don’t want to give shoppers a bad experience — no one likes being accused of fraud — but nor do they want to lose money.
Unfortunately, we aren’t yet at a point where fraud prevention can be entirely automated. There’s no replacement for an eCommerce retailer who intuitively knows when a transaction is likely to be false based on extensive knowledge of the customer base and their order patterns.
Although a manual review of Magento eCommerce sales is here to stay, automation can significantly reduce the work involved, green-lighting genuine purchases and blacklisting fraudulent purchases according to the Magento eCommerce retailer’s policies, and passing uncertain orders to a manual review team.
There are several excellent fraud prevention automation tools that integrate well with Magento.
Signifyd, which provides a Magento extension for Magento 1.X, is one of the leading lights in the field of eCommerce fraud prevention. Its platform carries out an extensive series of verification checks on every order, using a combination of machine learning and human analysis.
One of the most interesting features of Signifyd is how it stands by its decisions. When the service approves an order as genuine, it will refund you the lost revenue if it turns out to be fraudulent. That means Magento retailers don’t pay the cost of chargebacks.
The service isn’t free, so individual retailers should compare the cost of using Signifyd to the cost of fraud for their business and make the appropriate decision.
FraudLabs Pro Fraud Prevention
FraudLabs, which provides Magento integration for Magento 2.x, has been in the fraud prevention industry for more than a decade. The free extension is easy to setup, and once installed FraudLabs will run every order through a wide variety of checks including fraud analysis and scoring, IP Geolocation, email address validation, and a custom set of rules, among others.
Orders are categorized as “approved”, “rejected”, and “pending review”, reducing the amount of manual order validation required.
FraudLabs is free for up to 500 transactions, making it ideal for smaller eCommerce stores that want to dip a toe in automatic Magento fraud prevention.
Magento provides everything you need to build an eCommerce store. With specialist Magento hosting and Magento’s ecosystem of extensions and themes, you can go a long way. But, every store is unique and the time may come when your store needs the attention of a developer.
Magento developers can build custom integrations, extensions, and themes for a store, but it can be tricky to hire a qualified developer if you don’t know what you’re looking for.
Understand What You Need First
Although a good developer will be happy to guide you towards a solution, it’s useful to have a clear idea what you’re looking for in the first place. Take the time to write a detailed explanation that you can give to a developer. You don’t have to go into any technical depth, but the more certain you are of what you need, the easier it will be for the developer to get started.
Have a Realistic Idea of How Much a Developer Costs
You can expect to pay anything from $40 to $150 per hour for a qualified developer in the US. You may pay less for excellent developers outside of the US, but programming is a skilled and in-demand profession: set your expectations accordingly or the work may not be done to the highest standards.
Finding a Developer
In order of best to worst, here are the methods I use to find great Magento developers:
Personal recommendations. Ask people you know and trust to recommend a Magento developer. Referrals are not always trustworthy, but, in my experience, the hit rate is a lot higher than with some of the other methods we’ll discuss.
Magento development agencies. Magento development agencies like Human Element do the hard work of vetting developers so that you don’t have to. You may pay an agency more than you’d pay a freelance developer, but you also bypass a lot of the hassle involved in finding and hiring someone who can be trusted to do great work.
Social media searches. LinkedIn is often a useful resource, as are Magento-focused Facebook groups.
Freelance websites. Freelance websites like UpWork and Elance can be used to find good developers, but I’d advise against going down this route unless you have failed to find a good candidate elsewhere.
Assessing a Developer
Magento developers range from barely competent to highly skilled. If you aren’t a developer yourself, it can be hard to work out which sort you’re dealing with.
Check out their portfolio. Many freelance developers will be happy to show you a portfolio of work that they have done for other clients. Look for work that is similar to your project.
Ask for references. Some great freelancers don’t bother with portfolios — they get work through recommendations and referrals — but they should be able to provide you with references of previous clients.
Look for Magento Certification. Magento Certification allows developers to prove that they have the necessary skills and knowledge to work with Magento eCommerce stores. Ask about Magento certifications, and then double-check using the Magento Certification Directory.
If you’re still not certain about the quality of a freelance Magento developer, I’d suggest giving them a smaller job before embarking on a long project.
Don’t try to get developers (or any freelance professional) to work for free, even as an assessment: good developers will walk away because they can get more than enough paid work. Instead, offer a small job at their hourly rate.
It’s important to find the right developer for your Magento project. The tips in this article will ensure that you get the best results in a reasonable timeframe.
A functional eCommerce store is made up of two components: a feature-rich eCommerce application and a fast, scalable hosting solution. Once you have settled on an eCommerce application for your online retail store, it’s time to decide on a hosting solution. Hosting provides the bandwidth, storage, compute, and database resources an eCommerce store needs.
In this article, we’re going to look at the qualities of a great eCommerce hosting provider and at the types of hosting suitable for online retail.
Cheap Shared Hosting Is Not The Best Option
Modern eCommerce applications like Magento and WooCommerce are built on standard technology like MySQL and PHP. Any web hosting platform can run an eCommerce store, but not all provide the resources, support, and eCommerce-specific optimizations that a great online retail experience requires.
For very low traffic eCommerce stores, a standard shared hosting account or virtual private server might be adequate, but you will soon run into resource, performance, scaling, and security problems as your business grows.
Choosing a specialist managed eCommerce hosting provider with expertise in your chosen application will be slightly more expensive, but you’ll save time and money throughout the life of your business.
The Qualities Of An Excellent eCommerce Hosting Provider
A good eCommerce hosting provider understands the hosting requirements of eCommerce applications and the needs of eCommerce businesses. An eCommerce store isn’t an ordinary website.
Performance-optimized hosting: Speed and responsiveness are vital. Slow stores make less money. Look for a web hosting provider with the technical ability to optimize their networks, servers, and software stack for the best possible performance.
Managed Services: A world-class eCommerce host will provide managed services that help retailers make the most of the hosting platform. Managed services should include performance optimization, security hardening, and comprehensive backup services.
Support: Responsive support is vital. You don’t want to be left twiddling your thumbs if an issue arises with your store during a busy shopping period. Look for an eCommerce host who is prepared to work with you and your team to secure, scale, and optimize the reliability of your store.
A reputation for security: Security is vital at all levels of eCommerce hosting, from the data center to the application itself. Make sure your eCommerce host can demonstrate the quality of its security controls with third-party certifications like SSAE 16 and PCI DSS. Additionally, verify that the provider’s platform runs the most recent software versions and that the software stack is regularly updated — you’d be surprised how many hosting providers use outdated and vulnerable software.
Choosing The Right Hosting
There are three main types of eCommerce hosting suitable for applications like Magento and WooCommerce: shared hosting, dedicated server hosting, and clusters of dedicated servers.
Shared eCommerce hosting: With shared hosting, the resources of a server are shared between several eCommerce stores. Unlike standard shared web hosting, a reputable eCommerce hosting provider strictly limits the number of stores each server supports. eCommerce-optimized shared hosting is ideal for smaller stores.
Dedicated Server eCommerce hosting: Each store has access to the resources of an enterprise-grade dedicated server. Dedicated servers are the most powerful single-server hosting option available. Dedicated servers are suitable for medium to large eCommerce stores.
Dedicated Server Clusters: The most powerful eCommerce hosting option, clusters combine the resources of several dedicated servers, with each server taking responsibility for a different aspect of the store’s functionality, including web servers, file servers, and database servers. Clusters are capable of supporting the largest eCommerce stores and can be scaled indefinitely.
As an eCommerce store grows, its hosting should be able to grow with it. By choosing a provider that offers hosting options suitable for stores from the smallest to the largest, eCommerce merchants establish a long-term relationship with a host who can support their business throughout its life.