CAll Us: +1 888-999-8231 Submit Ticket
Making Old Stogies New Again: A Magento 1 to WooCommerce Migration Story

Making Old Stogies New Again: A Magento 1 to WooCommerce Migration Story

If you were running a retail store circa 2010, chances are you had an experience like many others at the time. The Web offered a new opportunity to expand your physical store, and Magento was the best solution for the job. So you found your platform, built your strategy, asked one of your trusted employees to moonlight as a product photographer, and fired up the office computer to get to work. 

As you started building your site, you soon realized that creating the perfect store meant sitting in the office trying to learn a new piece of software instead of selling. Hiring a local developer wasn’t cheap, but eventually the site was everything you thought you wanted, and you started marketing it everywhere. Sales trickled in, but never really lived up to your expectations.

Over the next couple of years, you realized through customer feedback and your own testing that your slow sales weren’t about inventory or addressing consumer needs. The site had slowed to a crawl, your web developer had become more difficult to get a hold of, and product pages weren’t coming up in search engines. Something needed to change. But rebuilding your website is expensive and time consuming and you didn’t want to take on another project. Until you had to. 

An end for Magento 1

At the end of 2018, the Magento organization announced that support for Magento V1 (likely the version you’ve been using) would cease on June 30th, 2020. So after finding the right person to do the job of upgrading, optimizing, and re-building your store to drive those sales you were looking for, the software that your store runs on will now not be modernized, optimized, or updated moving forward. So what should you do next? Carpe Diem! See the grand opportunity in front of you to upgrade – and develop the site of your dreams that’s bigger, stronger, faster than before. 

Case in Point: The path forward for a small business in Houston

At the end of last year, Stogies World Class Cigars in Houston realized that after five years, they weren’t seeing the sales benefit they’d hoped for in their online store. Even worse, hiring the talent needed to fix page speed and search engine issues was cost-prohibitive. Since the team at Stogies wanted to reduce their maintenance costs, as well as manage future updates, content, and layout changes in-house, WooCommerce was the strongest option for migrating from M1. Building atop the Hostdedi Managed WooCommerce platform immediately reduced future software update costs. Built-in automatic plugin / update testing and upgrades meant that Stogies could focus on merchandising and optimizing the purchasing path for buyers. Speed was also a big concern. When they came to Hostdedi, pages on their website often took 15+ seconds to load. As a result, sales were low online but great in stores. So another priority was to decrease load speed – because they knew by speeding up the site, more traffic and increased sales were soon to follow. 

Content and Creative are King

After finding the right platform in Managed WooCommerce, they knew it was important to bring forward the visual aspects of the old website while still keeping the site snappy. Afterall, the crew at Stogies was proud of how their website looked, just not how it was performing. After testing 50+ themes, we recommended they use Astra, the best performing theme for their site.. From there we paired Astra with the Beaver Builder plugin to allow for easy future editing of layouts and sales pages.

Serving up a Seamless Customer Experience

It’s important that when a previous customer returns to a website, they recognize the landscape. The website should operate the same (or better) than it did before. We evaluated every bit of the customer experience from the old Stogies website, and were able to duplicate most of the functionality with off-the-shelf plugins included as a part of the Hostdedi WooCommerce platform.

Moving customer accounts and orders

The last step before testing the entire site was to make sure that customer accounts, previous orders, product data, and content were all transferred to the new website. Magento and WooCommerce are extremely different in the way that they store information. Using an easy-to-use import plugin for WordPress, we were able to successfully recreate all customer accounts, orders, and other data within their new WooCommerce site.

The moment of truth

After almost five years of dealing with the frustration of a slow, underperforming website, it was time to pop the cork on a bottle of bubbly, re-launch the website, and see whether or not the work to rebuild in WooCommerce was successful. 

The results were staggering

Within a month after launch, traffic increased 20%-50% per-day (over the previous year). Time spent by potential customers on the site increased by minutes, and average page load speed decreased from 5.11 to 2.14 seconds. Traffic from search engines increased by 181%, and new visitors were up by 67%. Most importantly, revenue started to double month-over-month.

Why WooCommerce and not Shopify? 

As we set out on the journey to help Stogies turn their stale store into an online powerhouse, we took a deep look at what it would take to build it on Shopify. While it’s possible to build a simple beautiful store with Shopify, we ran into problems with even small customizations. We found that customization capabilities were either free and limited or expensive and detailed. We also found that some of the features or customizations needed for our build would require ongoing support from a third party developer- – something we’d set out to eliminate for the Stogies crew. 

We matched each site feature with it’s Shopify counterpart, and here is the fully-loaded cost estimate: 

Annual CostsWooCommerceShopify
Non-NegotiablesProduct reviews, homepage slideshow, brand bar, from the blog section, recent products, product variations$0$371
Custom Core FeaturesMega menu, multi-tier header, multi-tier footer, real-time USPS rates, real-time UPS rates, authorize.net gateway$266$119
Custom FeaturesStore locator, gift cards, event calendar, quick view, faceted filter, pricing tables, loyalty points, custom strength indicators, linked product attribute archives, email to a friend, menu cart, seo optimization, lazy load images, caching, forms, advanced search, PDF invoicing, email customization, ConvertKit integration, bulk product editing, wholesale pricing rules, import/export data tool, URL redirects$704$2,499
ThemesCore theme, page customizations, theme customization, advanced customization$147$150+custom dev
Hosting / Plan Cost$948$3,588+custom dev
Total Annual Cost$2,065$6,727

In short, WooCommerce is a third of the cost of Shopify and doesn’t require as much custom development.

We’re here to help you move forward

While Stogie’s results are extraordinary, they’re not unique. Modernizing, updating, and migrating your store to a fast WooCommerce platform will bring years of frustration with your online store to an end. Whether you’re working with an expert or managing your own store, we’re here to help. 

Source link

Magecart Attacks Again: the Latest on CardBleed

Magecart Attacks Again: the Latest on CardBleed

Only a couple of weeks after the first vulnerability with an associated CVE was discovered for Magento 1 after its end of life, reports about a large scale Magento 1 hack attempt surfaced. 

While stats are not definitive, as of today, around 3,000 sites were hacked. This attack, usually referred to as MageCart, is the most common type of attack against Magento 1 and it’s typically used to collect user credentials and credit card information from the application inputs and exfiltrate data to remote servers.

After carefully reviewing public reports and our WAF logs, Hostdedi identified the threat and swiftly added a fleet-wide block for /downloader. We also isolated the malicious content added to this prototype.js file and have removed it from every file, leaving the original malicious file as backup (prototype.js.bk) for the client’s reference. 

We already had filters for this, mostly against brute force attacks. But given that Magento discontinued Magento Connect after June 2020, we decided to block access and only re-enable it upon request for certain IPs. 

This is one of the biggest differences between a code based Magento 1 maintenance package versus a hosting-based approach. While almost every project issued notices and recommendations, they all required user intervention. 

Our approach was to deploy a fix to the entire server fleet without any user intervention.

While a few stores were impacted, the immense majority remained safe because of the infrastructure and systems we already had put in place. This foundation, plus our swift action, helped thousands of Hostdedi stores and customers to remain secure.

In addition, we released Nexcess_CSP for our Safe Harbor users. Content Security Policy (CSP) is an added layer of security that helps detect and mitigate certain types of attacks including Cross Site Scripting (XSS) and data injection attacks usually known as MageCart. This module helps any Magento 1 store to set CSP policies, avoid and report XSS attacks and has 2 main objectives:

  • Mitigate cross site scripting: disallowing the communication to certain URLs by specifying the domains that the browser should consider to be safe sources of scripts.
  • Mitigating package sniffing attacks: specifying which protocols are allowed to be used; a server can specify that all content must be loaded using HTTPS.

We did not find any intrusion for stores that had CSP_Nexcess installed and properly configured.  Hostdedi Safe Harbor provides an extra layer of protection against this type of attacks, which are likely to continue.

The best kind of protection against external attacks is a mix of server side protection in the form of a WAF plus modules and patches to keep your store protected.

Keeping your Magento 1 store fully operational means protecting it against known vulnerabilities. If you have yet to invest in Safe Harbor, this hack illustrates the importance of staying secure.

Hostdedi Safe Harbor is a sound foundation to keep your sites and stores protected while you are on M1.

Source link