Category Archives:
Magento Archives

Magento is a mature and feature-rich eCommerce application. It has everything a retailer needs to build an online store. But Magento, as richly endowed as it is, can’t be all things to all retailers. That’s why the Magento Marketplace and Magento extensions exist. They give developers the opportunity to put their own spin on essential eCommerce features.

In this article, we’re going to look at five of the best Magento extensions for increasing sales. We’re interpreting “increase sales” broadly, and will suggest extensions that will help you to bring new customers to your store, improve the shopping experience, and win back customers who leave without making a purchase.

Loyalty programs that offer discounts to loyal shoppers are an effective way of increasing sales and making sure that shoppers come back for more.

Loyalty Program from Amasty provides a huge range of functionality focused on building flexible discount reward schemes. The extension allows Magento retailers to create rewards based on a variety of attributes, including cart contents, purchase history, and more. There are many loyalty program extensions for Magento, but I’ve chosen to highlight this one because of its flexibility: Loyalty Program offers over 16 discount actions and intelligent discounting rules that cover almost everything a retailer might want to offer shoppers.

Research has shown that around 70% of carts are abandoned. Shoppers put products in the carts, but fail to complete the checkout process. Shoppers abandon carts for many reasons, but some can be won back with a well-timed email and the offer of a discount.

Abandoned Cart Email provides highly configurable email reminders with personalization features such as email templates customized for specific customer groups. The extension can also automatically generate coupon codes based on flexible rules chosen by the retailer.

Uncertainty is the enemy of eCommerce retailers. Online retail has many advantages that brick-and-mortar does not, but it suffers from some limitations where direct interaction is concerned. The answer to a question or concern can make the difference between a sale and an abandoned cart. Instant chat embedded on the site and staffed by a knowledgeable support team helps shoppers to get the answers they need to make a decision.

ZenDesk Chat provides Magento integration to the popular ZenDesk real-time chat service, allowing support staff to respond instantly to queries.

A significant proportion of shoppers arrive at eCommerce stores via a search engine. Magento is well-equipped to support excellent search engine optimization, but the SEO Ultimate Suite makes it easier to implement SEO best practices such as adding metadata to product and category pages, internal cross-linking, duplicate content resolution, and rich snippets.

Algolia Instant Search upgrades Magento’s built-in search capabilities with features shoppers are familiar with from search engines like Google. Algolia’s features include instant search results as the user types, autocomplete, search suggestions, and synonym matching.

I’ve tried to include the best of each category of extension in this article, but there are many that provide similar functionality. If my suggestions don’t fit your needs, be sure to browse the Magento Marketplace for more ideas.

Posted in:
Magento

When we talk about Magento security, the focus is often on securing the server and the eCommerce application itself. That makes sense because it is where most attacks are directed. Script injection, brute force, and remote code execution attacks are aimed squarely at the server. But there are other attack vectors to take into account, particularly endpoints.

eCommerce stores have a client-server architecture. The server is the application itself. Magento trusts authenticated clients, but these endpoints are not always trustworthy. A simple example of this problem is a logged-in mobile device. If an employee with an administrator account loses an insecure mobile device, whoever finds it may be able to access the store.

Endpoints can be used to circumvent even the best designed security strategies because they are trusted. In addition to ensuring that Magento is secure, everyone with admin permissions on a store or an SSH account on the server must follow endpoint security best practices.

Use two-factor authentication

Once a computing device — a laptop, perhaps — is stolen, it is best to assume that the thief has access to every password stored on it. Two-factor authentication, provided by an extension like Sentry, will stop an attacker who only has access to the password.

Secure endpoint devices

Modern devices and operating systems provide strong security and authentication systems. The MacBook I am writing this article on uses full-disk encryption and fingerprint authentication. Most mobile devices provide similar encryption and biometric authentication.

These security measures are only effective if they are used. Anyone with an admin account on a Magento store should take full advantage of their device’s built-in security.

Access your store over a VPN

A Virtual Private Network (VPN) encrypts information that moves between the endpoint device and a Magento store. This prevents a third-party from intercepting sensitive information with a man-in-the-middle attack.

A VPN is particularly important when site owners use insecure protocols such as FTP to transfer data to their server.

Remove unused accounts

Retailers often provide accounts for employees or freelancers so that they can work on the Magento store or its server. When the employee no longer needs access, the accounts should be deleted as soon as possible.

On a related note, if you do need to give access to a developer, designer, or other professional, create a new account for them. Don’t use the same account for more than one person. If everyone uses the same account, revoking access will be a huge headache.

Minimum necessary access

Give people the least access they need to get their work done. If they don’t need an administrator account, don’t provide one. If a developer doesn’t need access to your server’s root account, don’t let them have it. Magento includes powerful Access Control Lists so that store owners can specify which parts of a site an account can access. Familiarize yourself with how ACLs work and use them to restrict the access of account holders.

Endpoint security is too often neglected, but Magento store owners should be aware of the risks and what they can do to keep their store safe.

Posted in:
Magento

Like any complex piece of software, Magento requires a bit of maintenance every now and again. As your store evolves and your business grows, new products and customer accounts are created and deleted, extensions and themes are installed or modified, and the general day-to-day operations of the store leave their mark.

Diligently maintaining your store will ensure that it remains secure, fast, and reliable as the years go by. In this article, I’m going to focus on five of the most common tasks that Magento store owners should add to their to-do lists.

Applying Security Patches

The Magento teams regularly release security patches that fix vulnerabilities in the software. The patches are released shortly after vulnerabilities are discovered by Magento’s developers or security professionals. If you don’t install patches soon after they are released, your store may be vulnerable to attacks by criminals and to data theft.

We advise Magento store owners to monitor the Magento Security Center, which publishes the details of patches as they are released. If you are unsure how to apply a patch, take a look at our Knowledge Library article How to patch your Magento store.

Find and Fix 404 Errors

404 is the HTTP response code that web servers send to browsers when they can’t find the requested resources. Over time, you will move or delete product and content pages from your Magento store. If you aren’t careful, links from other pages on your store will be broken, resulting in 404 errors when shoppers try to visit them.

404 errors create a poor user experience and too many can have a negative impact on a store’s standing in search results. It’s a good idea to regularly use a tool like Screaming Frog’s Broken Link Checker to find and fix any 404 errors on your store.

Log Rotation

Magento logs information about what happens on a store in the database, including customer activity, orders, visits, and more. That information can be very useful, but the logs grow over time and can take up a lot of space and degrade database performance.

Magento can automatically remove stale logs, but this capability is turned off by default. If you want Magento to automatically clean its logs, find out how to turn on log cleaning in our guide to Magento database maintenance.

Backing Up

If your Magento store is compromised by bad actors or damaged by human error, it is easy to restore it from a backup. But if you don’t back up, incidents of this sort can be catastrophic.

Magento 2 has a built-in backup system that you will find in the dashboard under System -> Tools -> Backups. You can choose to backup the whole store with “System Backup”, the database and media, or just the database.

It is a good idea to perform regular system backups and to move the resulting files off your Magento server to a safe location.

Flushing The Image Cache

Magento caches product images in a dedicated cache. The Catalog Image Cache can sometimes become very large over time as new products are added and old products are deleted. Flushing the cache (removing the images) can free a large amount of disk space.

You will find the cache controls in the Magento 2 admin menu under System -> Cache Management. At the bottom of the Cache Management page is a button that will flush the Catalog Image Cache.

If you choose to flush the Catalog Image Cache in this way, there is likely to be a performance impact as Magento regenerates the cache of existing product images. You may prefer to only remove older cached images with a command such as this:

 find /path/to/magento/media/catalog/product/cache/* -type f -mtime +180 -exec rm -f {} ; 

As always, make sure you understand exactly what this command does before running it.

With regular maintenance, your Magento store will remain fast, secure, and reliable as your eCommerce business grows. Don’t forget, our expert Magento support team is on-duty round-the-clock to answer your questions.

Posted in:
Magento

The Magento eCommerce application is at the center of a vibrant ecosystem of retailers, developers, designers, conferences, and Magento hosting providers. Like all ecosystems, Magento evolves, and it can be difficult for newcomers to the world of eCommerce to get to grips with its constituent parts and the role they play in building a successful eCommerce business.

In this article, we’re going to explain some of the terminology new eCommerce merchants need to understand before embarking on their journey with Magento.

First things first, what is Magento?

Magento is a powerful eCommerce application built on open source technology. It’s used by retailers ranging from solo entrepreneurs to big-name eCommerce merchants like Ford, Wrangler, Silent Night, Harvey Nichols, Paul Smith, and Christian Louboutin.

Magento was initially released in March 2008 and has since grown to incredible proportions. There have been two main iterations of the application (Magento 1 and Magento 2).

One of the main reasons why eCommerce developers love Magento is due to its customizability and ability to scale as a business grows. A huge number of plugins and extensions are available for store developers, and custom functionality can be included with help from a Magento developer.

Image credit: Magento Commerce

The heart of the Magento ecosystem is an open source community of developers. The community is maintained by the Magento company. Magento Commerce is that company’s commercial offering, and includes support and additional features for enterprise retailers. This includes dedicated Magento account management.

Originally released in 2016, the self-hosted version of Magento Commerce was previously known as Magento Enterprise Edition. It has since grown to become a staple in the Magento community with bigger eCommerce businesses looking for more functionality looking for greater complexity and with a larger global presence.

If you’re a larger eCommerce business, Magento Commerce is likely the best option for your business.

Magento Open Source is a free version of Magento that includes many of the same features as Magento Commerce. Until recently, Magento Open Source was known as Magento Community Edition.

Magento commerce was originally released in 2007 as a public beta. The full version was released in 2008. Because Magento Open Source is open source, developers are not locked into the software they are provided. It is possible to make changes to the application and incorporates other technologies as well. This means that developers can craft Magento Open Source into something specific to their needs. Something developers aren’t as free with when it comes to Magento Commerce.

There is an impressive base feature set with Magento Open Source, yet where it really shines is in the additional features offered through the countless extensions currently in circulation. At the time of writing, there are more than 10,000 extensions available in the Magento marketplace.

To use Magento Open Source, retailers can choose a Magento hosting provider, which will provide the servers, bandwidth, and support a retailer needs to build their store. This also allows for Magento store owners to focus on what’s important – their store – and leave background processes to someone else.

There are other differences between the Open Source and Commerce editions of Magento. Here a few more in more detail.

Magento is a complete eCommerce solution, but retailers can add extra functionality by installing extensions created by third-party developers. Magento extensions extend or enhance Magento’s existing features. Hostdedi has created several Magento extensions, including the popular Turpentine extension for Varnish integration, and Alarmbell, a Magento security extension.

There are hundreds of Magento extensions, both free and premium. Magento users should take care to only install extensions from reputable developers or marketplaces. If in doubt, head to the official Magento Marketplace, which we’ll discuss in a moment.

Magento themes are similar to extensions, except themes focus on the design of a site rather than on adding new functionality. Every Magento store uses a theme, and just like extensions, there are free themes, paid premium themes, and custom themes developed for specific retailers.

Magento Marketplace is an officially supported repository of both extensions and themes. Magento Marketplace thoroughly vets all extensions and themes it distributes, so you can be sure that everything you find on there is secure and useful.

Magento Marketplace isn’t the only trustworthy source of themes and extensions. Many reputable developers have their own sites and stores. However, if you’re unsure of the quality of a theme or extension, it’s good practice to check to see if it’s on the marketplace.

Finally, Magento hosting: every eCommerce store needs a hosting provider. The hosting provider takes care of the store’s connection to the internet, the server the Magento application and its database run on, and the support retailers need to provide a fast shopping experience to their users.

Hosting providers are of varying quality and Magento requires specific conditions to provide the best performance and reliability. Choosing a specialist Magento optimized hosting provider with great support is the best way to start your journey as an eCommerce retailer

Posted in:
Magento

Jeff Bezos is the richest person who has ever lived, according to some sources. While that claim should be taken with a pinch of salt – Bill Gates was richer in real terms before he gave a big chunk of his wealth away – Bezos is certainly the richest person in the world today. That wealth is due to the enormous success of Amazon, and a big chunk of Amazon’s success is due to the stranglehold the company had over one-click purchases.

It would be silly to claim that one-click purchases were the most important factor in Amazon’s success, but we shouldn’t underestimate the difference in conversions and revenue between sites with one-click purchases and those that are required to make shoppers jump through hoops to buy. Experian have estimated that a single additional field on a check out form can cost an eCommerce company millions.

Once customers had become accustomed to one-click purchases, it was only a short hop to enhanced shopping experiences like Amazon’s Alexa, which can be used to make purchases by voice.

Last September, Amazon’s patent on one-click purchases expired. Any eCommerce store is free to implement one-click purchases, and Magento was fast off the blocks with the introduction of Instant Purchases.

Instant Purchases bring radically simplified checkouts to one of the most popular eCommerce platforms in the world, allowing tens of thousands of merchants to benefit from a user experience that was once the domain of a handful of eCommerce giants.

Magento Instant Purchases work like this: a shopper taps the “Instant Purchase” button on a store’s product page, confirms the order, and they’re done. A confirmation message appears and the shopper is free to carry on browsing.

To be able to use Instant Purchases, a shopper must be logged-in to their account, have selected a default billing and shipping method, and have a stored payment method.

A side benefit of Instant Purchases is that they encourage shoppers to create an account with all the necessary information, providing retailers with valuable data and increased opportunities for engagement.

Instant Purchases will also decrease cart abandonment rates. Carts are often abandoned before shoppers have completed the checkout process. With Instant Purchases, the decision is made on the spot. Shoppers are, of course, free to cancel any orders they make, but there’s a big difference between actively canceling an order that has already been made and deciding not to make the order in the first place.

Instant Purchases are worth exploration by any business that sells online. Shoppers have never enjoyed entering large amounts of information or plodding through multiple confirmation dialogues. Most want to be able to make a purchase within the context they made the decision to buy.

Posted in:
Magento

Fraud has always been a problem for online retailers, but since the introduction of more secure credit cards in the last few years, much offline retail fraud has moved online. Magento retailers can’t afford to ignore the ever-present risk of fraud, whether it’s the dedicated efforts of criminals gangs with stolen identities or the less predictable casual fraudster who orders products with every intention of initiating a chargeback and keeping the goods.

Fraud prevention is both time and labor intensive, especially for larger eCommerce stores. It’s challenging to check every one of thousands of orders for fraud. And, as I know from personal experience, it’s all too easy to generate false positives and lose a genuine sale.

Last year, I ordered some furniture from a well-known retailer and apparently triggered their internal fraud prevention system. The issue wasn’t handled well, and by the time my order had been freed from the dungeon of manual review, the products I wanted were out of stock.

It’s a hard balance to strike: too strict and false positives eat into profits, too lax and those profits go to fraudsters. eCommerce merchants don’t want to give shoppers a bad experience — no one likes being accused of fraud — but nor do they want to lose money.

Unfortunately, we aren’t yet at a point where fraud prevention can be entirely automated. There’s no replacement for an eCommerce retailer who intuitively knows when a transaction is likely to be false based on extensive knowledge of the customer base and their order patterns.

Although a manual review of Magento eCommerce sales is here to stay, automation can significantly reduce the work involved, green-lighting genuine purchases and blacklisting fraudulent purchases according to the Magento eCommerce retailer’s policies, and passing uncertain orders to a manual review team.

There are several excellent fraud prevention automation tools that integrate well with Magento.

Signifyd

Signifyd, which provides a Magento extension for Magento 1.X, is one of the leading lights in the field of eCommerce fraud prevention. Its platform carries out an extensive series of verification checks on every order, using a combination of machine learning and human analysis.

One of the most interesting features of Signifyd is how it stands by its decisions. When the service approves an order as genuine, it will refund you the lost revenue if it turns out to be fraudulent. That means Magento retailers don’t pay the cost of chargebacks.

The service isn’t free, so individual retailers should compare the cost of using Signifyd to the cost of fraud for their business and make the appropriate decision.

FraudLabs Pro Fraud Prevention

FraudLabs, which provides Magento integration for Magento 2.x, has been in the fraud prevention industry for more than a decade. The free extension is easy to setup, and once installed FraudLabs will run every order through a wide variety of checks including fraud analysis and scoring, IP Geolocation, email address validation, and a custom set of rules, among others.

Orders are categorized as “approved”, “rejected”, and “pending review”, reducing the amount of manual order validation required.

FraudLabs is free for up to 500 transactions, making it ideal for smaller eCommerce stores that want to dip a toe in automatic Magento fraud prevention.

Posted in:
Magento

Magento provides everything you need to build an eCommerce store. With specialist Magento hosting and Magento’s ecosystem of extensions and themes, you can go a long way. But, every store is unique and the time may come when your store needs the attention of a developer.

Magento developers can build custom integrations, extensions, and themes for a store, but it can be tricky to hire a qualified developer if you don’t know what you’re looking for.

A basic knowledge of Magento fundamentals helps. Magento is a web application written largely in the PHP programming language with a good dose of JavaScript on the front-end. Data is stored either in a database or on the filesystem in the case of static assets like images.

You can expect a decent Magento developer to be able to write PHP and JavaScript code and to have a working knowledge of databases.

Understand What You Need First

Although a good developer will be happy to guide you towards a solution, it’s useful to have a clear idea what you’re looking for in the first place. Take the time to write a detailed explanation that you can give to a developer. You don’t have to go into any technical depth, but the more certain you are of what you need, the easier it will be for the developer to get started.

Have a Realistic Idea of How Much a Developer Costs

You can expect to pay anything from $40 to $150 per hour for a qualified developer in the US. You may pay less for excellent developers outside of the US, but programming is a skilled and in-demand profession: set your expectations accordingly or the work may not be done to the highest standards.

Finding a Developer

In order of best to worst, here are the methods I use to find great Magento developers:

• Personal recommendations. Ask people you know and trust to recommend a Magento developer. Referrals are not always trustworthy, but, in my experience, the hit rate is a lot higher than with some of the other methods we’ll discuss.
• Magento development agencies. Magento development agencies like Human Element do the hard work of vetting developers so that you don’t have to. You may pay an agency more than you’d pay a freelance developer, but you also bypass a lot of the hassle involved in finding and hiring someone who can be trusted to do great work.
• Social media searches. LinkedIn is often a useful resource, as are Magento-focused Facebook groups.
• Freelance websites. Freelance websites like UpWork and Elance can be used to find good developers, but I’d advise against going down this route unless you have failed to find a good candidate elsewhere.

Assessing a Developer

Magento developers range from barely competent to highly skilled. If you aren’t a developer yourself, it can be hard to work out which sort you’re dealing with.

• Check out their portfolio. Many freelance developers will be happy to show you a portfolio of work that they have done for other clients. Look for work that is similar to your project.
• Ask for references. Some great freelancers don’t bother with portfolios — they get work through recommendations and referrals — but they should be able to provide you with references of previous clients.
• Look for Magento Certification. Magento Certification allows developers to prove that they have the necessary skills and knowledge to work with Magento eCommerce stores. Ask about Magento certifications, and then double-check using the Magento Certification Directory.

If you’re still not certain about the quality of a freelance Magento developer, I’d suggest giving them a smaller job before embarking on a long project.

Don’t try to get developers (or any freelance professional) to work for free, even as an assessment: good developers will walk away because they can get more than enough paid work. Instead, offer a small job at their hourly rate.

It’s important to find the right developer for your Magento project. The tips in this article will ensure that you get the best results in a reasonable timeframe.

Posted in:
Magento