What should happen when a security researcher discovers a vulnerability in a popular software project? Should details of the vulnerability be released so that users can protect themselves? Or should it be kept secret so that bad actors can’t exploit it?
There are drawbacks to both approaches. Immediate full disclosure puts users at risk. Bad actors find out about the vulnerability too, and there isn’t a lot users can do to protect themselves until patches are released. In contrast, secrecy allows software developers to ignore vulnerabilities, and there is no guarantee that bad actors don’t know about them already.
The industry has, for the most part, settled on a hybrid approach called responsible disclosure. When a security researcher finds a vulnerability, they inform the software’s developers but they don’t go public immediately. The developer is given time to release patches. Once the patches are released, the vulnerability is publicized so that users know to update. If the developer fails to release a patch in a reasonable amount of time, the vulnerability is disclosed to users so they can protect themselves. The amount of time given to developers varies; Google’s Project Zero allows 90 days.
Responsible disclosure attempts to balance competing goods. Users who are in the dark about vulnerabilities can’t respond to the threat, but immediate disclosure gives bad actors an advantage. Secrecy might prevent widespread exploitation of a vulnerability before it’s been patched, but developers, especially developers of proprietary software, may not be inclined to invest time and money into bug fixes for vulnerabilities no one knows about. Responsible disclosure is the golden mean between complete transparency and security by obscurity.
Responsible disclosure depends on the assumption that software is updated when patches are released. Secrecy following discovery is justified by the risk disclosure poses to users. They would be exposed without any way to fix the problem. Delayed disclosure is justified by the belief that once patches are available, users are safe.
But what happens when users don’t update? They are in as much peril as if the vulnerability had been exposed without patches having been released. Bad actors know all about the vulnerability, including, in the case of open source software, exactly which code was vulnerable and how to exploit it. Unfortunately, failing to patch isn’t rare: many recent data leaks and security breaches were the result of the exploitation of known vulnerabilities for which patches were widely available.
The point is this: over many years, a system for handling vulnerabilities has evolved, a system which aims to keep software users as safe as possible. Developers, security researchers, and corporations cooperate to minimize the risk to users. But users — businesses, server administrators, hosting providers — have a vital role to play. They have to update their software when patches become available. If they don’t, they put their business, their customers, and the wider population at risk.
For 74% of consumers, the quality and relevancy of search results on an ecommerce site is the difference between whether they do or don’t make a purchase. Storefronts can no longer rely on good navigation alone. Search has become a primary purchasing path, with consumers that use search 200% more likely to make a purchase than those who don’t.
Powerful on-site search provides more than just a direct purchasing path. It also provides customers with the ability to research and further define desired products and attributes. This not only means consumers are able to research their choices more effectively, it also positions you as an industry leader and an invaluable consumer resource.
This article looks at the search options available to Magento merchants, and outlines four of the main tools available; including Elasticsearch, SOLR, Sphinx, and MySQL. It examines the pros and cons of each, and provides a recommendation of what option is best.
Keep reading to see which Magento search option is right for your storefront.
Consumers who use search are 200% more likely to convert.
Note: this article will not be taking a detailed look at the multiple Magento search extensions available on the marketplace, but instead focuses on more powerful, external solutions.
How Magento Search Works
How Magento search works depends on what search option you choose and how you configure it. In some cases, it’s possible to simply connect a search engine to your Magento store and it will do the rest automatically. In other cases, proper implementation requires either a developer or expert.
Regardless of which path you choose, once a search engine has been implemented, it will index your site. This provides an easy to search through directory of your products and their attributes. Depending on the size of your store, this can take a few minutes to a few days.
When looking for a search engine, there are several different features that should stand out. These include:
Fast and accurate results
Natural language processing for longtail and complex search queries
Filtered results pages for more accurate results (Faceted search)
Error-tolerance (this needs to be high to provide better, more relevant results)
Synonym management (especially important for niche stores)
Elasticsearch
Elasticsearch (ES) is currently the most popular and the default option for Magento search.
As a java-based document store, Elasticsearch is engineered to store large numbers of JSON documents and speak to them natively. So in addition to being able to handle text-based queries, it can also understand advanced analytical queries too, including interpreting numeric and geo data.
Where Elasticsearch really shines is in its full support for Apache Lucene’s real-time search. From a customer’s perspective, this means ES is able to provide faster and more relevant search experiences. For store owners, this means faster conversions.
Currently, Elasticsearch is recommended by both us and Magento. Part of the reason for this is that it’s easy to set up. On Hostdedi accounts, it can be turned on under the Environment tab in your Client Portal. The endpoint can then be transferred into Magento by following this guide.
At the moment, both Foursqaure and Github use Elasticsearch.
A Faster, More Accurate Search Option
Elasticsearch makes use of Fuzzy searching, a technique which allows for stores to interpret customer queries even when they mistype or aren’t 100% sure what they are looking for. Combined with synonym and stop word interpretation, this places ES as one of the more capable search engines available to merchants.
Elasticsearch is able to provide faster and more relevant search experiences leading to more conversions.
ES also allows for merchants to customize search results based on defined parameters. One of the technologies used to do this is finite state transducers. In English, this means that ES can handle search queries that consider both the input and output, and that can then provide results based on the relationship between these two pieces of data.
Complex Search Query Support
While both Elasticsearch and SOLR (below) are based on Lucene query parsing, Elasticsearch provides support for structured query DSL. This allows for more complex search queries not supported by a just-Lucene search engine.
Elasticsearch also support scoring scripts, which can be written and implemented through JavaScript. At this point in time, SOLR does not offer this functionality.
Another standalone, scalable search option for Magento. For a long time, SOLR dominated the Magento search market for high-traffic sites. Not only does it offer a number of important features search admins are looking for, it’s also a scalable solution capable of handling heavy traffic loads.
Some of the features you’ll find with SOLR search include:
Search term suggestions based on misspelling
Weighted search results
Layered navigation
Powerful autocomplete
Relevancy management
Support for synonyms and stop words
At the moment, Cnet and Netflix use SOLR.
Near Real-Time Search Speeds
Where SOLR shines is when it comes to group searches. This is because SOLR supports distributed groups (including grouped sorted, filtering, and faceting). For ecommerce store owners, this allows for their customers to go through better, more relevant search experiences. At this point in time, the main competitor, Elasticsearch, does not support this in the same way.
SOLR offers a number of important features search admins are looking for.
When compared to alternatives, SOLR is a more complicated search engine to implement. Not only does SOLR’s interface take longer to learn than Elasticsearch’s, its deployment also requires a little more knowledge than Elasticsearch’s.
If you’re looking for some added functionality that comes with additional work, then SOLR may work for you. However, in 99 cases out of 100, we would recommend Magento store owners opt for Elasticsearch.
No longer the latest and greatest in Magento Search
Sphinx
Sphinx is a powerful Magento search tool capable of searching multiple content types, with support for multiple languages. While not as powerful as the options above, its favored by a lot of Magento 1 stores due to the ease of integration.
Sphinx is currently used by Mozilla, Craiglist, and Dailymotion.
Fast Search From a Premium Module
By default, Sphinx doesn’t run through an external container but an extension that can be downloaded through the Magento Marketplace. Despite this, it’s still capable of holding its own when pitted against the other options on this list.
From their own documentation, Sphinx is able to deliver over 500 queries/second when a product catalog consists of over 1,000,000 skus.
In terms of its actual search capabilities, Sphinx includes a number of features you see with most of the other search engines listed here, including:
Synonym and plural form support
Long tail search
Stop word support
Sphinx also allows for multiple search types, including products, categories, attributes, and blog content. Its morphology preprocessors allow for different word forms to be replaced with their base form. In Sphinx’s example, this means translating Dogs into Dog. There are, of course, much more complicated use cases where this helps to provide unique and highly-relevant results for customers.
Sphinx is able to deliver over 500 queries/second when a product catalog consists of over 1,000,000 skus.
A Magento 1 Search Tool
While we always recommend using Elasticsearch, we’ve found that when Sphinx is used it tends to be with Magento 1 stores. If you’re running a Magento 2 store, Elasticsearch is a better option – especially if you’re just getting started or are in the process of replatforming from magento 1.
If you’re interested in how to configure search on Magento 1, then we recommend checking out this article from Shero.
Sphinx Pros
A powerful search engine used by a lot of large, popular sites
Years of development have made it stable
Sphinx Cons
Not as well supported as alternatives
Lacks the speed of Elasticsearch and SOLR
MySQL
The original default search engine for Magento. While competent in its own right, it doesn’t compare to the enterprise options available. Moreover, the MySQL search option for Magento has now been deprecated. Instead, Magento 2 is now configured to use the Elasticsearch search option by default.
The default MySQL search is also missing some other features you’ll find with SOLR or Elasticsearch, including suggestions, clustering, attribute weights, and tips when zero results are returned.
For this reason, we recommend avoiding the default MySQL search option. With the current ease of integration afforded by Elasticsearch, why wouldn’t you want more powerful search powering your Magento store?
MySQL Pros
MySQL Cons
It’s not nearly as powerful as other options
It has been deprecated
Expanding Magento Search Functionality Through Extensions
If you own a smaller Magento store and don’t want to invest in a dedicated search engine, then it’s also possible to expand the search functionality of Magento through extensions. These can be found and downloaded from the Magento Marketplace.
The Best Magento Search Engine
We recommend that all merchants make the move to Elasticsearch. Not only because it’s easy to integrate with your Magento store, but also because it provides numerous improvements over the alternatives.
While speed and performance is comparable to SOLR, Elasticsearch does have a slight edge. It also allows for consumers to make more complex searches with more relevant results, thanks to a number of additional features such as fuzzy searching, full indexing, and DSL query support.
In terms of development, Elasticsearch also provides much more in terms of official and community client libraries. This means that your developer is more likely to be able to handle and scale it efficiently. Combine this with its out of the box readiness on the Hostdedi container platform, and it becomes the clear search engine choice for most Magento stores.
WooCommerce doesn’t require a lot of day-to-day maintenance to keep it in peak condition. But, as winter comes to a close and the dust of the busy holiday season settles, spring is the ideal moment to take stock and make sure everything is working as it should be. A little spring maintenance will help your store remain fast and secure throughout 2019.
Update WordPress, Plugins, and Themes
WooCommerce stores should be updated regularly throughout the year, but the busy holiday season leaves little time for ongoing maintenance. If your store hasn’t been updated in a few months, now is the perfect time to spend a couple of minutes hitting the update button. Make sure that you’re running the most recent release of WordPress, WooCommerce, other plugins, and the store’s theme.
Updates help to keep your store safe from hackers and criminals by patching security vulnerabilities. If you don’t update regularly, you may be in for an unpleasant surprise later in the year.
Check Your Backup Procedure
We recommend that all WooCommerce stores are regularly backed up to at least two locations, one of which is a remote location. There are many services and plugins to help you backup your site. We covered some of the best in this post from last year.
Whichever method you choose, it should be checked regularly to make sure it’s still working. It is not uncommon for retailers to lose data because the backup they thought was keeping their store safe had stopped working. When you’re dealing with the aftermath of an attack or accidental data loss, there’s little more frustrating than finding that your backup scripts haven’t worked for the last six months.
Manually run a backup to make sure the process completes successfully, and then carry out a test restore on a staging or development site. You should be able to quickly recreate your store, and if you can’t, it’s time to rethink its backup strategy.
Audit Plugins
We’ve already covered updates, but it is also worth looking at plugins that haven’t been updated for a while. You can see when a plugin was last updated in the Plugins section of the Admin menu. If a plugin hasn’t received an update in a few months, you should investigate to ensure that it is still maintained.
Unmaintained plugins are not necessarily a security issue, but if a vulnerability is discovered in an unmaintained plugin, it won’t be fixed. If you have any plugins that are unmaintained installed on your store, try to find an alternative that is actively developed.
While you’re looking at plugins, this is also a good time to deactivate and uninstall any plugins that you aren’t using. It’s better to remove unused plugins because every plugin adds code to your store, and code that has been removed can’t cause security or performance problems.
Run Performance Tests
WooCommerce stores evolve as new features are added, plugins are installed and uninstalled, and alterations are made to themes. These changes can impact performance, so it’s wise to run performance tests every once in a while to identify any issues. We recently published a detailed guide to performance and load testing your WooCommerce store.
Check Content for Freshness
The beginning of the year is an opportune moment to review the content you have published over the past few months. Blog posts and web copy can become outdated. Editing dated information ensures that content remains a valuable resource over the next year. Pay particular attention to the site’s About page; it should be updated to reflect changes in the businesses branding strategy and to recent events.
With a couple of hours of spring cleaning maintenance, you can put your WooCommerce in a strong position of reliability, security, and performance for the next year.
Every ecommerce store is unique. Merchants have a lot of choices to make before their store even goes live; choices including site design, customer base, and product curation. Yet underlying these choices is another, potentially more important one: which ecommerce CMS is right for delivering on those decisions?
In 2019, ecommerce sales will account for 13.7% of retail sales worldwide. By 2021, that number is expected to increase to 17.5%. Improved access, data-driven strategies, and mobile implementations are only a few of the reasons for this rapid growth. The continued development of ecommerce CMSs to match merchant and consumer expectations is another.
From Magento to WooCommerce, and beyond, the right CMS allows merchants to create a storefront that optimizes the buyer’s journey and increases sales.
This article takes a look at seven of the most popular ecommerce CMS available to merchants. It breaks down the pros and cons of each and looks at which merchants should be using which. If you’re looking to set up a new ecommerce store, or are interested in exploring other possibilities, keep reading.
The Ecommerce CMS Comparison
Magento 2
Magento 2 is one of the ecommerce world’s most functional platforms. Capable of creating and managing more complex buyer journeys, the application is used by some big names, including Coca Cola, Warby Parker, and Nike.
Currently over 19% of the top 1 million websites use Magento, positioning it as the most popular ecommerce CMS for larger ecommerce stores. Part of the reason for this is its community. At the heart of Magento, vendors, developers, and merchants have come together to create an ecosystem that few other platforms can rival.
Magento is used by some big names, including Coca Cola, Warby Parker, and Nike.
That ecosystem has continued to grow following Magento’s acquisition by Adobe. Integrations with Adobe technologies have continued to be expanded and improved, with many finding Magento 2 to be the “complete ecommerce package”.
Yet Magento isn’t right for all merchants. Development of the type of user experiences and buyer journeys offered by bigger brands requires a bigger investment. For this reason alone, Magento may simply not be the right choice for smaller merchants. Store management is also a more complicated process than with something like WooCommerce.
In addition to this, to truly take advantage of the Magento platform it’s important to find the right hosting provider. This is because Magento is a resource heavy application. If you choose Magento, look for Magento optimized hosting.
We recommend Magento 2 for merchants looking to create cutting edge online experiences that improve the bottom line. But it’s important to remember that this kind of development means a steep price tag.
Pros
Incredible functionality and capabilities
Great community that is constantly working to develop even better ecommerce solutions
Open source version is free
Cons
Often requires a developer for first time store owners
Magento 1
Magento 1 is the first release of Magento, and still manages to hold its own in terms of functionality and performance. Currently, there are over 4,500 live Magento 1 sites in the top 1 million sites worldwide.
At this point, sites running on Magento 1 are generally ones that moved to the platform before the Magento 2 release. While Magento 1 is still a very capable ecommerce CMS, it doesn’t have some of the features and support you’ll find with the second version of the application. This is despite still having strong community support.
One of the main differences between Magento 1 and 2 comes in the form of security. Magento 2 supports improved security protocols, including a strengthened hashing algorithm for passwords and improved user management for admins.
To make this worse, the upcoming June 2020 End of Life means that the M1 platform will no longer continue to receive official support. This means many will have to replatform to either Magento 2 or another ecommerce application.
For new merchants interested in Magento, we recommend moving straight to Magento 2.
Pros
A history of success with a huge contingent of merchants
A supportive community that will continue to support the platform after its End of Life
Cons
Will be deprecated in June 2020
Doesn’t have a lot of the functionality and support you’ll find with Magento 2
Shopify
Shopify is an easy to use SaaS ecommerce tool. Over the years it has grown from a small, simple application into a capable ecommerce storefront. In doing so, it has solidified its position as one of the more popular options available to merchants.
However, while great for beginners, as soon as merchants begin to see significant purchasing volume, Shopify’s problem starts to make itself known. Unlike alternatives such as Magento, Shopify’s custom functionality is still rudimentary. As a result, it does not allow for the same level of curation regarding the buyer’s journey. Over time, this can limit further merchant growth.
Despite this, Shopify has great support and security thanks to being a closed-source SaaS product. Many of the application’s optimizations all come as standard and are managed by Shopify themselves. This can be both a positive – as you know there is a team of experts behind your store – and a negative – in that you’ll have to wait for unique and cutting edge performance enhancements.
Shopify offers merchants a capable ecommerce storefront.
Still, Shopify is host to just over 10% of the top 1 million websites worldwide and the application is only growing in popularity for small and medium businesses.
If you’re looking for a simple, easy to use ecommerce cms, then Shopify may just be the right choice. If, however, you’re looking to expand your online ecommerce experience and create something distinct, we recommend looking towards Magento.
Shopify takes a cut of all transactions on your site
Not as versatile as Magento
Sylius
Sylius is a new addition to the ecommerce scene, and one that has managed to consecutively score wins against competitors in terms of functionality and design. Currently the application of choice for a small number of sites, that number has grown rapidly; especially considering that the platform has only been around for a few years.
Perhaps one of the main barriers to entry for merchants looking to move to the Sylius platform is that it requires a developer to create a fully capable storefront. This is a double-edged sword for most merchants. It means that their storefront will likely be an unforgettable one with a curated user experience, but it can also cost a lot to implement properly.
A Sylius storefront will likely be an unforgettable one with a curated user experience.
Despite this, if you’re a merchant looking for a more advanced platform that offers capabilities that rival even the most advanced ecommerce CMS, then Sylius is probably one of your best choices. If you’re looking for something simple that you can manage yourself, we recommend that you continue reading.
Pros
Offers complete control over functionality
A great open source community
Cons
Is still relatively new
Requires a developer to create your site
BigCommerce (for WordPress)
If you’re looking to take full advantage of the content marketing opportunities available to merchants, then BigCommerce may be one of your best options.
Released in 2018, the BigCommerce for WordPress plugin has quickly grown, now offering merchants access to a clear and easy-to-use ecosystem that offers both powerful ecommerce functionality and content management.
It’s able to do this due to being a headless implementation of BigCommerce. This means that product management is controlled by the BigCommerce back-end, while front-end design and navigation are managed by WordPress.
BigCommerce for WordPress is a headless implementation of BigCommerce.
BigCommerce does require merchants to pay an additional monthly fee. However, this means that you’ll have access to BigCommerce support (for help with the application) and potentially improved security.
Interested in learning more about the BigCommerce for WordPress plugin? Read Topher DeRosia’s guest post, currently BigCommerce for WordPress’ Developer Evangelist.
Pros
Allows merchants to use both the product management tools of BigCommerce and the content management tools of WordPress
Relatively easy to use with great functionality
Cons
An additional monthly fee
Prestashop
Prestashop has been on the ecommerce scene since 2007. During that time, it has gone through several iterations. Available in both self-hosted form and as a SaaS platform, it now offers some great options for beginners looking to get started with a small ecommerce store.
Firstly, Prestashop helps to simplify daily management tasks by offering an easy to use interface. This includes intuitive labels and the ability to expand functionality through downloadable modules. We took a look at Prestashop and compared it to Magento, and found that in terms of number of downloadable add-ons, the application is almost on par with Magento.
But that’s about where Prestashop’s advantages end. In terms of customization, there’s not a lot you can do. If you’re looking for an ecommerce platform that allows you to create unique, memorable buyer journeys, we recommend looking elsewhere. Prestashop’s customizations pretty much start and end at color schemes, basic UI elements, and modules.
To date, just 2 Prestashop sites have made it into the top 10,000 sites worldwide, out of over 270,000 total live sites. This trend seems to be in keeping with the purpose and audience the platform is primarily designed for.
Pros
Easy to use and get started with
Cons
Limited functionality
Not as up-to-date as alternatives
WooCommerce
The final entry on this list should need no introduction. WooCommerce is the most popular ecommerce CMS available, with over 3 million live sites.
Like BigCommerce for WordPress, WooCommerce is a WordPress plugin. It expands the natural content management functionality of WordPress to include advanced configurations for ecommerce.
Because of its nature, it not only manages to serve as a great choice for merchants interested in content marketing and SEO, it also provides a solid foundation for ecommerce and product management.
It’s especially good for small ecommerce stores that are either just starting up, or looking to manage most of their content and design in-house. Unlike most of the other CMS on this list, WooCommerce merchants have access to a huge range of pre-designed themes and customizations.
WooCommerce is a great choice for merchants interested in content marketing and SEO.
WooCommerce also provides merchants with the ability to expand functionality through extensions. These allow more control over payment processes, the buyer’s journey, and more.
Yet despite these capabilities, WooCommerce is still a simple ecommerce platform when compared with competitors like Magento and Sylius. Advanced customization still requires coding knowledge, and the WordPress platform limits what can be done.
If you’re a small business owner then we can’t recommend WooCommerce enough. However, if you’re already an established store, we recommend taking more control with another option on this list.
Pros
Free and open source
Easy to use and get started with
A huge range of different themes and extensions
Includes the great content management of WordPress
Cons
Not as functional as some of the alternatives on this list
Limited by the capabilities of WordPress
The Right Ecommerce CMS for You
Each application has its own advantages and disadvantages. Much like the products a merchant sells, choosing the right CMS requires merchants to analyze both the resources available to them and their own preferences.
For medium and larger stores, we recommend adopting Magento 2. Not only is it a versatile platform that continues to grow, it also has an incredible community that’s both helpful and knowledgeable.
If you’re looking to be on the cutting edge of ecommerce, we recommend making the move to Sylius. While a relatively new platform, it has already proved itself with merchants worldwide. Contact the Sylius team to learn more about what it can do for your storefront.
Ecommerce sales will account for 13.7% of retail sales worldwide in 2019.
For those interested in content marketing and taking advantage of its relatively “new” appearance on the ecommerce scene, BigCommerce is going to offer a lot of tools you won’t find elsewhere. At the same time, it’s also going to allow better management of products.
For smaller stores, we recommend WooCommerce. With an easy to use interface and even simpler product management, it’s better than a lot of other “easy to use” and manage CMS available. Not sure how to get started, follow our WooCommerce setup guide.
Dev sites allow you to make changes to your site without breaking it.
Whether refreshing your theme or applying a critical security update, sites are living environments that can react unpredictably to well-intentioned changes.
Any change, small or significant, can disrupt or even break your site when carelessly applied. Such disruptions torpedo both your sales and your customers’ trust. Properly executing these changes can be the difference between an unnoticeable hiccup and a prolonged outage.
If you already enjoy the services of a knowledgeable web developer, then you’re likely all set. If you’re not — or you have reason to suspect their qualifications — read on.
At Hostdedi, we host several content management systems, including WordPress, ExpressionEngine, Craft CMS, and Drupal. You can build just about any site with any of these content management system, but each has strengths that make it a better choice for some projects than others. In this article, we will focus on Drupal and the projects to which Drupal is most suited.
Your Website Needs Flexible Content Management
Drupal is often thought of as a content management framework. It provides a set of tools and features that hosting clients can use to manage content, but Drupal doesn’t impose its opinion about how content should be organized. That’s ideal for large organizations with complex and heterogeneous content. Rather than fighting against a built-in content model, they can use Drupal to build a custom content model shaped by the requirements of their project.
Drupal’s fundamental content primitive is the node. All content is in a node (unless it’s a comment, in which case it’s attached to a node). A node can be an article, a page, a forum topic, or a custom content type. Content in nodes can be displayed on pages with endless flexibility.
Lots Of People Will Work On Your Site
Just as Drupal’s content model is supremely flexible, so are Drupal’s user management capabilities. Drupal user management is based on user roles, each of which can have different permissions. A user can be given multiple user roles that determine what they can do on the site. Drupal administrators can create as many user roles as they need.
Drupal’s user role and permissions model is ideal for sites with many writers, editors, and users.
You Need A Decoupled Content Management System
Drupal is architected to make building decoupled or “headless” content management platforms as easy as possible. Decoupling isn’t an afterthought in Drupal; it’s a core design principle. Drupal is an API-first content management system and that makes it much less challenging to build front-end applications and services that take advantage of Drupal as a back-end.
You Need Your Website To Scale
Drupal was built to support the largest and busiest websites. Its target users are enterprise organizations that receive millions of visitors a month, so it’s engineered to scale. Some of the largest publishing and promotional sites on the web are built on Drupal, including the Economist, OpenSource.com, Johnson & Johnson, Lady Gaga’s site, Al Jazeera, and many government sites.
Although Drupal is built to scale, web hosting plays a vital role in the performance, availability, and scalability of a Drupal site. To get the most out of Drupal’s scalability, choose a Drupal hosting platform that can grow with your business.
You Want To Build A Custom User Experience
Although Drupal includes a basic theme and it’s possible to install an off-the-peg theme, organizations that choose Drupal typically build a custom theme that reflects their branding and publication constraints. If your organization would prefer to use a premade theme, then WordPress may be a better choice. But if you value the ability to create a custom content model and complete control over the user experience, Drupal offers many advantages.
In summary, your website needs Drupal if it requires flexible content modeling and management, has many users with a multitude of roles, and you need a comprehensive array of tools to build a custom user experience.
WordPress sites and WooCommerce stores should be backed up. Every byte of data should exist in more than one location, including the files in the site’s WordPress directory and the data in its database. Sites that aren’t backed up are vulnerable to user error and security issues. Sites with an off-site backup are robust. If something does go wrong, a backed up site can be restored in minutes, while a site without a backup may be gone for good.
WordPress and WooCommerce can be backed up manually by copying the files and dumping the database, but it is easy to forget to do a manual backup. A backup that runs at the push of a button is better, and automatic backups that need no manual intervention are best of all.
If you have more discipline than average, you might choose to back up your site and its database manually, copying all of the database’s SQL and the site’s PHP files, images, plugins, and themes to a secure offsite location every day or two. For everyone else, a backup plugin is a good idea.
VaultPress is a backup service owned and operated by Automattic. Part of the Jetpack suite of services, VaultPress is the easiest option for low-maintenance backups. It provides automated daily backups with unlimited storage and a 30-day backup archive at the Personal and Professional tiers. If you need longer-term backups, Jetpack Professional includes an unlimited backup archive.
UpdraftPlus provides a complete backup solution to copy all of a WordPress site’s data to any of a wide variety of storage solutions, including Dropbox, Google Drive, and Amazon’s S3. The free version includes scheduled backups and the ability to restore from the WordPress control panel. The premium version of the plugin adds a few storage options and incremental backups, a useful feature that backs up only the changes since the last backup, rather than sending everything with every backup.
BackupBuddy is a premium-only backup plugin that offers scheduled backups to a variety of storage solutions, including BackupBuddy Stash, which is managed by the plugin’s developers. In addition to complete backups, BackupBuddy also allows you to choose partial backups, such as files-only or database-only backups.
Duplicator is aimed at WordPress users with some technical knowledge because it offers far more configuration options than the user-friendly plugins we’ve already looked at. That makes it more flexible than other backup plugins, but also more complex.
Duplicator is a general tool for migrating, cloning, and moving a WordPress site. For example, it can be used by WordPress professionals to create pre-bundled websites so that the same configuration can be installed for multiple clients.
The premium version of the plugin, Duplicator Pro, includes more backup-focused tools, including scheduled backups to cloud storage, email notifications, multi-threaded backup for large sites, and premium support.
All of the plugins we’ve discussed here will make your WordPress site or WooCommerce store safer and more resilient to attacks, malware, and user errors. If you’d rather not pay for a premium plugin, the free version of UpdraftPlus is an excellent backup solution.
Domain Name System (DNS) is a critical component of every website or eCommerce store. If DNS doesn’t perform, a site can’t be fast. If a site is slow or unavailable, DNS is a likely candidate. In this article, we explain what DNS is, how it can affect your site, and how you can test DNS to make sure it’s working correctly.
DNS is responsible for transforming a domain name like nexcess.net into an IP address that computer networks understand. When a user clicks on a link or enters a URL in their browser, the browser asks a domain name server if it knows the associated IP address. The domain name server is usually hosted by the user’s ISP, although there are public domain name servers hosted by organizations like Google and Cloudflare.
If the domain name server knows the IP address, it tells the browser. If it doesn’t know, it asks another domain name server, which might ask another server, and so on until the answer is found. The order in which servers are asked is determined by a hierarchy. In the case of nexcess.net, the root domain server is asked which DNS server knows about the .net top-level domain, and that server is asked about the nexcess.net domain. All of this is complicated by geographic redundancy: duplicates of major DNS servers exist all over the world.
Is DNS Slowing Your Site Down?
DNS lookups should be a small proportion of your site’s total load time. The browser does nothing while it’s waiting for a response to a DNS request. If you’ve ever clicked on a link and wondered why your browser seems to be stuck, it’s because it is waiting for a response from a DNS server.
Ideally, DNS lookups should take less than 100 milliseconds from any part of the world from which a site gets substantial traffic. A web performance tool like Pingdom can tell you how long each lookup takes from locations around the world. There are several possible causes for slow DNS lookups. If the lookups are slow for you, but fast from elsewhere in the world, the issue is with your ISP’s DNS servers. If lookups are slow from everywhere, then the problem is most likely a slow DNS host. The solution is to host your domain records with a fast global DNS hosting provider.
Have Your DNS Records Propagated?
DNS is a hierarchical and geographically distributed system with many thousands of individual servers spread across the globe. When a site owner edits the DNS records of their site’s domain, the new records have to be synchronized with servers around the world — a process called DNS propagation.
Propagation isn’t instantaneous; it can take up to 24 hours for domain records to propagate. Until they do, some DNS servers will respond to requests with the old records. In some cases, a DNS server might not be able to find any records at all. In consequence, when the site owner or a user tries to visit the site, they may not get the expected results.
This can be confusing and frustrating for web hosting clients who want their domain to work immediately, but propagation takes time. Hostdedi developed a tool to help hosting clients figure out how far DNS propagation has progressed for their domain. Enter your domain, and the tool will tell you which DNS servers around the world have your DNS records.
A decade ago, shoppers who wanted to buy something from an online store had no choice but to browse to the retailer’s site on their desktop computer. Today, they are more likely to visit the store on their phone through a native application, a progressive web app, or a traditional server-rendered app. Or perhaps they prefer to buy from a store without ever leaving their social media network. Or they may shout to their smart speaker that they’ve run out of toothpaste and rely on it to relay the message to a retailer.
Today, it’s becoming obvious that shoppers expect to be able to shop using the interface that is most convenient to them.
Traditional eCommerce applications were designed to serve the needs of shoppers from the previous decade. The front-end interface was integrated with the back-end catalog management and shopping cart. Over the years, server-rendered front-ends have evolved to offer a better mobile experience, but eCommerce applications in which both the front and back-end are tightly integrated are difficult to adapt to the expectations of modern shoppers. Headless, or decoupled, eCommerce applications are the answer.
A headless ecommerce application unties the front-end interface from its back-end administration and management features. Decoupling allows retailers to take full advantage of the power of Magento, Drupal, or BigCommerce while freeing them to build independent interfaces that communicate with the server-side application via an API.
With headless ecommerce, developers can create multiple user experiences to meet the changing requirements of shoppers. They can take advantage of fast-evolving web technologies without having to delve into the legacy code of monolithic ecommerce application.
A further advantage of headless architecture is that the back-end and front-end can scale independently. The infrastructure supporting the user interface is not the same as the infrastructure supporting the back-end, a substantial advantage for ecommerce in particular given how resource-intensive large catalogs can be.
Consider BigCommerce for WordPress. BigCommerce is a commerce-as-a-service platform that provides catalog management, logistics support, payment processing, a shopping cart, and more. WordPress is a content management system that excels as the foundation of rich content-first websites. BigCommerce for WordPress allows WordPress to be used as the front-end for BigCommerce, combining the strengths of both platforms by allowing businesses familiar with WordPress to build stores based on a flexible and scalable back-end. The same BigCommerce store can be used as the back-end for multiple WordPress sites, mobile applications, in-store interfaces, and Internet of Things (IoT) retail experiences.
BigCommerce is not alone in anticipating the need for decoupled ecommerce. The same considerations influenced the introduction of both the WordPress and WooCommerce REST API. It is headless that motivated Magento’s API and its transformation into an innovative platform for progressive web applications. Drupal also provides a powerful API for decoupled interfaces.
It’s time for our monthly roundup! If you’re looking for the same great articles the rest of the year, follow us on Twitter and Facebook. Enjoy and let us know if we missed anything important in the comment section. WordPress and WooCommerce Harness the power of blocks with WooCommerce Bookings Availability – WooCommerce Bookings Availability…
What should happen when a security researcher discovers a vulnerability in a popular software project? Should details of the vulnerability be released so that users can protect themselves? Or should it be kept secret so that bad actors can’t exploit it? 
For 74% of consumers, the quality and relevancy of search results on an ecommerce site is the difference between whether they do or don’t make a purchase. Storefronts can no longer rely on good navigation alone. Search has become a primary purchasing path, with consumers that use search 200% more likely to make a purchase than those who don’t.
Every ecommerce store is unique. Merchants have a lot of choices to make before their store even goes live; choices including site design, customer base, and product curation. Yet underlying these choices is another, potentially more important one: which ecommerce CMS is right for delivering on those decisions?
Dev sites allow you to make changes to your site without breaking it.
At Hostdedi, we host several content management systems, including WordPress, ExpressionEngine, Craft CMS, and Drupal. You can build just about any site with any of these content management system, but each has strengths that make it a better choice for some projects than others. In this article, we will focus on Drupal and the projects to which Drupal is most suited.
WordPress sites and WooCommerce stores should be backed up. Every byte of data should exist in more than one location, including the files in the site’s WordPress directory and the data in its database. Sites that aren’t backed up are vulnerable to user error and security issues. Sites with an off-site backup are robust. If something does go wrong, a backed up site can be restored in minutes, while a site without a backup may be gone for good.
Domain Name System (DNS) is a critical component of every website or eCommerce store. If DNS doesn’t perform, a site can’t be fast. If a site is slow or unavailable, DNS is a likely candidate. In this article, we explain what DNS is, how it can affect your site, and how you can test DNS to make sure it’s working correctly.
A decade ago, shoppers who wanted to buy something from an online store had no choice but to browse to the retailer’s site on their desktop computer. Today, they are more likely to visit the store on their phone through a native application, a progressive web app, or a traditional server-rendered app. Or perhaps they prefer to buy from a store without ever leaving their social media network. Or they may shout to their smart speaker that they’ve run out of toothpaste and rely on it to relay the message to a retailer.
