As a tradition followed each year, it’s time for wishing Google Happy birthday. Just like every other search engine growing older google is also aging, jokes apart there is still a lot of controversy regarding the date 27th of September being the official birth date of google. Tracking back the records and doing some research clearly reveals that the ever so phenomenal search engine has celebrated six times its 18th birthday till date. This means that there is something seriously going wrong with the Google’s Birthday Celebratory Doodle. Let’s dig a little deeper into this, shall we by considering some evident facts:

There is a date when the company was conceived in the garage then we have the date when the company was officially incorporated and last but not the least comes the date when the Google site was first launched. Confusing much! We are too but let’s simplify it as the birth date of the company is what it chooses it to be, still, we cannot ignore the fact that the only thing wrong with the Google’s 18th birthday celebratory doodle is that it has clearly stopped aging.

Though what is an alarming moment of real concern is that why has a universally acknowledged search engine not given any importance to that! Well, it is evident that the date of birth of google has varied over the years. So it may be considered that not even our dear Google knows how old it is and what exactly is its real birth date. Nevertheless, we still wish it many more years of success and thank it for making our lives much easier by providing exceptional quality searching capabilities. Let’s face it that our lives have been affected in one way or the other ever since the invention of it 

The most popular e-commerce software today is Magento and it is more than likely to get attacked by many hackers since they want to get hold of your store. Hackers intend to steal the personal information and credit card details of your customers through brute-force attacks. These are simple trial and error attacks in which the hacker uses combinations of usernames and passwords in order to break into your account. Even though Magento itself has several build in security protocol and features yet there is still more you can do to protect your Magento store from security breaches. Over the years we have observed several improved security tactics which we recommend for all the merchants who want to further protect their store and stop hackers from getting access of it.

Custom Admin Path

The standard two sections in each Magento store for administrative purposes are located at /admin and /downloader by default. Through the browser you can access the Magento store by navigating to domain.com/admin. The admin panel is prone to abuse in several ways by hackers as they can launch the brute-force attack easily. Simple passwords and usernames can be guessed with a few minutes. Your site will become slower while it undergoes the attack and valuable server capacity is wasted.

To change the Admin path, go to Stores and choose Configuration. In the panel on the left, under Advanced, choose Admin and expand the Admin Base URL section. Then, do the following:

Set Use Custom Admin URL to “Yes.” Then, enter the Custom Admin URL and you are all set.

Choose an Intricate Username and Password

If you have changed your admin login page there are still chances that a hacker can locate it. To ensure more security you should use a username and password so complex that it becomes almost impossible to guess. Keep your password at least composed of 16 characters which are mixed with lower and upper case, numbers and also symbols.

Use the Upgraded Latest Version of Magento

Each version of Magento upgrades to newer versions which are often released to patch up the discovered security risks found within the software. This gives you reason good enough to update your Magento store to the latest stable version which is released in the web market. After the release of Magento 2.0 it didn’t take long to release Magento 2.1 since there were some prominent bugs which required update.

Update Your Antivirus Software on Daily Bases

This is an understood thing which goes without saying, but there are several Magento store owners who hardly seem to update their anti-virus software. Hackers can place key-loggers on your laptop easily that’s why you have to ensure that you are using an anti-virus software which is commercial graded and is being updated on a daily basis.

HTTPS/SSL Must for All Login Pages

Without a secure connection you are under the risk of being attacked by a hacker each time you use your username and password. You should eliminate this by always using HTTPS/SSL in Magento. For doing this click on the “System” tab present at the main toolbar and select “Configure” from drop down menu. After doing this click on “Web” tab which is present at the left hand navigation side, select “Secure” in the main window. You will be able to change the Base URL from here for your store, change it from http://… to https://… Do Not forget to select “yes” for both “use secure URLs in Front-end” and “Use secure URLs in Admin”. At the end, click “Save Config” which is present at the top of the page. Now you are set to go.

Ensure the Usage of Private and Secured Email Address

There are some sophisticated hackers who use social engineering to find out who is running the e-commerce site they are going to hack. Social websites like LinkedIn, Facebook are easily used to do searches regarding the company’s details and name. There are several companies and people who list their official email address in their social profiles or follow a standard email format of the company like [email protected]. The hacker tries to hack the company’s email address and after getting access of that they can easily reach your Magento admin panel and request to reset the password. They can now easily change the username, email address and password that links to the admin and get full control of your Magento store.
To stop this from happening you should never use your common email address for your admin login. Try using a private email address instead, which is not likely to be shared outside your company. For example [email protected] also use a very complex combination of password to ensure extra security for accessing this private email account.

Before and After Services of Outside developer Change Your Passwords

Each business requires the services of outside developers from time to time in order to help them with improving their Magento store. To ensure security make sure you change your admin and FTP password before giving them access. Once the work is done, then change it again. There is no surety that the companies you outsourced the work to are as guarded as you are. It’s always better to be taking extra precautions in such cases to avoid a security breach.

Do you want to know more tips about how to secure your Magento Store from brute-force attacks? Share with us the issues you have faced personally and we will provide you with more tips on how to safeguard your store.

The world of Web development is a rapidly changing domain. 2016 brought some of the hottest trends which you should be aware of if you are part of the web development community. You should follow these trends while designing and developing your website to maintain your position in the web market throughout this year. With new frameworks, evolving technologies and new layouts everything plays a critical role in attracting customers to your web page.

Let’s look at some of the hottest trends….

1) IOT (Internet of Things)

Much of the development in the app world is the result of IOT and it continued to grow enormously from 2015. It is expected to continue this growth till 2019 as it has played a big role in faster data transfer rate. IOT enables this process by linking smart objects while it is expected that with time a lot of advanced solutions will be innovated for the purpose of communicating with gadgets.

2) Motion User Interface

Last year’s emerging trend was Motion User Interface and it is expected to stay for long. The SASS library is one of the three main foundations for Apps by Zurb and it is used for creating animations quickly. Through its help it becomes a less complicated process to give a transitional smooth look to the apps.

3) Advanced Responsive Design

The web market is changing due to all the new technologically advanced platforms which will be using it. 2016 trends are considered to set the stage for next few years. There are several advanced devices, cohesive wearable gadgets, screens and advanced designed frameworks which are in huge demand and are considered to show a growing trend.

4) Upsurge in Real-time

The Real-time analytics are widely being used by mobile and desktop apps for activities such as live streaming etc. So the whole year is anticipated to witness an increased in its usage.

5) Navigation design for Full-screen

Usually for the sites which are browsed for mobile devices, the developers and designers prefer to use full-screen navigations. The increased use of this trend is observed as it enables users to jump to full-screen resolutions in an auxiliary natural way.

6) Adds blockers on the sites

A huge amount of money the website owners are losing due to advertisement blocking plugins. Many techniques have been developed which enable websites owners to avoid these growing effects. These new techniques happen to reduce the effects of advertisement blocking.

7) Containers Usage

To run, create and test an app swiftly Docker, a container service is used by the developers. A lot of advanced changes are making containers go huge this year. Docker is believed to evolve and gain more features and security.

8) Ultimate Browser Power

Throughout the past few years some major developments have been observed in the trend of things which the user can do with the browser. JavaScript is acknowledged as the browser’s de-facto language, making the browser more powerful than ever before. It stands out as the most powerful language for the year 2016.

9) IDEs

These days more people are turning towards cloud based versions of IDEs instead of using the traditional development environment. The key factors of IDE include fast accessibility and flexibility which is provided full-time even if you are not using it.

10) Enhanced Security

As users add different apps to their mobile devices the higher the risk becomes of the device getting prone to security breaches. The increase in the efforts to make apps extra secured and more safe is going to be a vivid trend of 2016.

11) The standard UX Bots

Popular apps in the web market like Facebook, Wechat etc. are using Bots and making the life of their users easier by providing easy use of their apps.

12) Apps Foundation

A single page app framework which is constructed through AngularJs and the flexbox grid framework. This framework empowers developers to develop quick yet easy and responsive web app creation. This year a lot of companies are believed to use it.

Final Thought

To make your website more tech savvy you can use these trends and increase the quality of your webpage. Many websites today are implementing such strategies to provide a competitive edge in the every growing web market.

Now that you are done with your e-commerce website and looking forward to evaluate yourself and the efficiency of your website we bring you some of the easy to use tools that you can apply on your website. There is no harm in running periodic tests on your website as this helps in gauging your site’s performance and your customers’ experience. The best part of these easy to use tools…..most of them are completely free.

These tools are good when it comes to testing your customer behavior and helps you measure your website’s speed, browser compatibility, and search-engine-optimization performance.

Usability Testing

1) Concept Feedback:

Visit their online portal, submit your website, landing page or even the mockup. The tool helps you get expert feedback from design, usability, and strategy professionals. This comes absolutely free and you can also have feedback from the community, helping you improve your webstore.

2) Google Analytics Content Experiments:

One of the most useful tool in the free kit, Experiments helps you understand how well different versions of your page work in getting your visitors to accomplish specific goals. You can easily test up to 5 unique variations of a page with separate URLs to check which one drives more conversions. The test comes free with a Google Analytics account.

3) Click Heat:

An open source and free of charge heat map, Click Heat helps you measure number of clicks on an HTML page. The application also helps in showing hot and cold click zones.

4) Crazy Egg:

Do you want to know where are your visitors clicking on your website? Crazy Egg features a heat map for clicks, a scroll map that displays how far down visitors scroll (helps you understand bounce rate), and a tool to distinguish clicks by referral sources.

5) Five Second Test:

Here is a tip, if you are worried about your user experience instead of asking a designer ask the end user. See what users can recall about your design in just five seconds. Figure this not and you can ensure that your message is being communicated as effectively as possible. You can further expand by asking users to answer a certain set of questions about your website. Test like the Feedback Army can help you with this.

6) Silverback:

A Mac-based usability testing tool, this allows you capture screen activity, make noteworthy moments within a session, allows you to record usability testing sessions, and set tasks.

7) UserTesting.com:

You can now watch videos of visitors using your website, receive written answers and ask follow-up questions with the help of UserTesting.com. The on-demand usability testing helps you create your tests with one of the customizable templates.

8) Feng-GUI:

The Feng-GUI provides you attention analysis. The test also simulates human vision during the first five seconds of exposure to your site visuals, and predicts what a real human would be most likely to look at.

9) Unbounce:

What else does a website owner want more than visitors staying for long on his website. This A/B framework with a single click maneuver allows you to test your campaigns and learn about customers’ preference on different content, offers and ideas.

10) Optimizely:

Now learn about your customer visitor segments and optimize your conversion funnel. Track engagement, clicks, conversions and sign-ups through multiple pages with A/B and multivariate testing.

11) Spur:

This is the easiest and the most fun way to critique web designs. With a simple URL paste or an image upload you’ll be able to use seven different tools to help find what’s working and what isn’t.

Performance Testing

1) Monitor.Us:

Now with the help of this you can view your entire web and cloud system, all from your control panel. Have a look at your applications, databases, site availability, and response time – plus server and network health.

2) Google PageSpeed Insights:

PageSpeed Insights analyzes the content of a web page, then generates suggestions to make that page faster.

3) Browsera:

Learn all about your cross-browser layout differences and scripting errors on your site. The features help you crawl and test all of your pages. You can also collect JavaScript errors from each browser and have it analyzed.

4) BrowserStack:

Now you can test your site on real time browsers. This also includes smartphone and tablet emulators, helping you test your website on a large range of devices. The test also uses a wide range of developer tools along with automated testing.

5) Perfecto Mobile:

Worried about exclusive mobile handset experience? Now test your website on each handset and ensure optimal compatibility along with application and all additional services. Perfecto Mobile allows you to access real mobile handsets and tablets connected to live mobile networks spread in different geo-locations.

6) Browsershots:

A free open-source online web application, Browsershots takes screenshots of your site in various operating systems. This helps in learning about websites’ browser compatibility in one place.

7) Cross Browser Testing:

Cross Browser Testing makes you test your website in AJAX, HTML forms, JavaScript, and Flash in numerous browser and operating system. The application brings you instant results from dozens of browsers.

8) W3C MobileOK Checker:

The checker initiates various tests on your web page to evaluate its mobile-friendliness. It assesses basic usability, efficiency, and interoperability, based on the WS3 Mobile Web Best Practices.

9) Xenu Link Sleuth:

Imagine having broken links on your website that you are unaware of? This effects the credibility of you webstore and pushes your website down on Google ranking. The test is for such broken links. The verification is carried on links, images, frames, plug-ins, and more. It displays a continuously updated list of URLs that you can sort by different criteria.

10) SEOmoz:

The mother of all tools, the SEOmoz brings you a collection of tools to test your webstore SEO health. With a crawl test, test for broken links, analyze keywords, and much more you are helped in accessibility issues and tracking rankings to ensure your optimal performance.

11) Link Research Tools:

This is also a set of tools that can help you test your site. You can run a Link Detox to analyze all links on your website and get alerted about suspicious ones. Find links to dead pages on a domain, as well as the strongest sub-pages and sub-folders of a domain.

We hope that the tools will come useful and will help you gauge your site performance and help build a better user experience and improved functionality. Keep visiting us for more on e-commerce management and learn all the latest that is there in the market.

Till then Ciao guys.

The ecommerce world have evolved extensively in the last few months. Platforms and structure are changing drastically and incorporating newer and better features for better user experience. From WordPress to Woo Commerce everything has changed. Another of such platform that has gone major change because of ecommerce developments happens to be Magento. For now, Magento, is considered one of the most updated and secured platforms mainly because of its regular updates. Surveys not put the ecommerce platform on a substantial 26% percent in terms of webstores reliance. This means that every one of four webstores are developed on Magento, a number that makes it an impact making force.

There can be no denial of the fact that though with all the available security updates the ecommerce world still remains at a continuous threat, one that keeps on growing. Cyber criminals are always on the prowl to find any weakness in the code or any loophole left by the user through which they can wiggle in.

The most common type of activities that are staged by these cyber criminals in order to gain access to a webstore include.

->Spamming

->Phishing

->Stealing user data

Though Magento developers keep on rolling out security updates on regular basis there still remains a lot to achieve. There happen to be a lot of DIY Magento security best practices that website administrators should follow in order to keep their efforts protected. In the ecommerce store business it all comes down to Trust. These tips would help you in keeping your webstore protected and keeping the trust factor intact.

1) Go Latest

Well there might be a version you felt comfortable with. Assuming that you the have the best extensions and security updates, users normally avoid moving onto newer versions all because of their convenience. Magento has been continuously getting updated with security patches. Hence, it is very important to stay informed about the latest Magento version. Once a stable release is out, test it and get it implemented.

2) Two Tier Verification

As the famous saying goes, never put all your eggs in one basket. Either go for multiple basket or for multiple trips. Same is the case with Passwords. Either you need to keep on changing your passwords on regular basis with the most complex combinations or you opt for a two tier authentication. Two tier helps you discourage attacks more effectively. There are a few extensions that deliver two-factor authentications taking away your password worries and easing your Magento security risks.

Here are two of the leading extensions that can help you impose 2 tier system.

->With Rublon only trusted devices are only allowed to access Magento backend by using a smartphone app. The app that uses a layer of stealth is available for all popular mobile OS platforms.

->Another of authentication application that is available is TWO-FACTOR Authentication. The extension allows you to implement complex authentication mechanisms which include limiting log-in attempts.

3) Custom Path Admin Panel

Modifying your typical admin panel, a new modified version is made available. The typical admin panel that is accessed by going to my-site.com/admin, is very easy for hackers to get on to your admin log-in page and start guessing passwords.

You can change your Magento admin path by following these steps:

->Locate /app/etc/local.xml

->Find <![CDATA[admin]]>

->Replace the term “admin” with your desired word or code

4) Encrypted Connection (SSL/HTTPS)

Data flow always happens at a certain risk. Sending confidential information such as login details, across an encrypted connection exposes you to assailants, who can have this information and use it as an excess point for your website. To eliminate these issues, it is essential that you use a secure connection.

The method for getting a secure HTTPS/SSL URL is very easy on Magento. You simply need to click on the tab “Use Secure URLs” in the system configuration menu. This is also one of the key elements in making your Magento website compliant with the PCI data security standard and in securing your online transactions.

You can also get a SSL certification by StartSSL. This will alongside help you in becoming PCI compliant.

5) Secure FTP Connection

One of the common path that hackers these days use to gain access to a website is by guessing or intercepting FTP passwords. You can avoid this by simply using secured passwords and SFTP ((Secured File Transfer Protocol) that uses a private key file for decryption or authenticating a user.

6) Have a Backup Plan

You can have a NSA operated firewall and a team of world class experts protecting your webstore round the clock, yet you will always need a backup plan and cannot shy away from it. Your strict preventive measures for security can go all wasted if you are not using a proper backup. The process may well include hourly offsite backups and downloadable backups. In case of a website crash, a backup plan ensures the continuity of your services.

Data loss can also be averted by storing backup files off-site or simply outsourcing the job to an online backup provider. It is always wise to check with your hosting provider if it has a backup strategy.

7) Directory Indexing

Wandering in unchartered territory if you are not of being followed and don’t want to be exposed it is always advised to cover your trial. This is exactly what directory indexing helps you with. Hardening your Magento site, disabling your directory indexing helps you hide the obvious pathways via which the files of your domain are stored. This keeps away the cyber crooks from Magento-powered website’s core files. Be advised, this is not permanent solution and those who are interested can always access your files if they already know what the full path of your files is.

8) Having a Strong Magento Password

You can secure yourself with Magento strong passwords. Always have special focused when you are deciding upon a password. Use the standard password techniques that involve mix of upper and lower case alphabets, numbers, and special characters like ?, >, etc. (Use a password management service if you have a problem of remembering a difficult one.) Additionally you can protect your Magento password by not using the same combination anywhere else, while keeping it exclusive and complex.

9) No Email Loopholes

Though there is a great password recovering facility that has been incorporated in Magento, you yourself need to make sure that the e-mail address you use for Magento is not publicly known and it is protected with two-factor authentication. Email hacks can create a lot of trouble and your whole Magento store becomes vulnerable

10) Your Hosting Plan Matters

If you are a startup and cannot afford to have a dedicated hosting or more secure virtual private servers, it is advised you go for shared hosting, a cheap mean for hosting a website. This may involve a certain compromise on your Magento security but measure can save you from complete disaster. If you find yourself having problems with shared hosting you can shift to dedicated one, this limits your resources and if there is a sudden spike in your traffic, the website has a good chance of going down. Managed cloud hosting has its own advantage. Robust security with frequent patches at server-level saves you big time.

11) Say No to MySQL Injection

Complete reliance is never a good option. So, at a place where we are pitching you great Magento security features, ones that even involve support to outmaneuver any MySQL injection attacks with its newer versions and patches, it is not always an ideal approach to rely only on them. It is highly advised that additional web application firewalls such as NAXSI are even installed for customer safety.

12) Always Have Reviews

No one is perfect, not even the best of Magento security experts. Where many of them may claim themselves to be good at coding only few understand the intricacies of Magento site security. You are therefore suggested to have yearly (even semiannual) reviews of your website for apparent loopholes and security shortcomings. If properly done, these reviews help in further hardening of your Magento security measures.

13) Listen From Others

Magento has a thriving community of techies who are always there to help you in the time of need. You can search and post queries regarding any security issues of Magento or its features. The Magento Community members also release security reports on various versions of Magento, so look out for those as well.

Conclusion

There can be no doubt of the fact that Magento is a robust ecommerce development solution. Though these tips would help you come over a number of your issues there are complexities that require expert advice. It is always good to have consultancy from service providers that can help you bail out from such scenarios.

Magento has always been the center of attention in eCommerce sector. Many experts in Magento development and even newbies are concerned about the top Magento influencers/developers to follow in order to stay updated with latest eCommerce trends.  In order to maintain the quality of work, Magento introduced Maganeto Master’s program which includes world’s leading Magento Makers, Movers and Mentors. Here are the details of Magento Masters-Makers that have contributed immensely to the Magento community.

1. ANTONIO CARBONI

Meet Antonio, he is a certified Magento frontend developer.  He Works at Cagliari in Sardinia and collaborates with different companies. He is the author of Magento Guida Al Design. His expertise level has contributed a lot to Magneto Community. He was also the speaker to Meet Magento Italy 2014. He is the Megento Master 2016 and also the founder and frontend Developer of Magenio.

“Magento is currently one of the most popular and innovative CMS, dedicated to the world of electronic commerce. The platform is still poorly understood, why I wrote guides easy to understand, all in ITALIAN!” (Carbonio).

2. MIGUEL BALPARDA

Meet Miguel Balparda, community Developer at Nexcess. He is energetic and constantly shares his knowledge with the community by responding to queries in Magento Stack Exchange. For years he has been traveling to different countries implementing some of the biggest of Magento projects. He has contributed a lot to Magento Communtiy and his famous presentation include Magento 2 Performance and Best Practices. He is Magento Master of 2016.

3. ALEXANDER GALTSOW 

Meet Alexander Galtsow, VP Communication and Partnerships at aheadWorks. He holds a degree in International Law but devoured in the eCommerce sector in 2012 and is engaged with Magento since then. He was selected as 2016 Magento Master based on his contributions through the extension Developers Network (EXTDN). His efforts in expanding the Magento marketplace and engaging companies in moving to magneto 2.0 are commendable.

4. JAMES LEE

Meet James Lee, President of Aspiration Hosting Inc, has been engaged with Magento community since 2008. He has been sharing his knowledge in community through Magento forums. His contributions and efforts towards the community have made him 2016 Megento Master.

“SpamExperts is a worthy investment for any company who has spam problems, as it really helps reduce the amount of spam emails without many false positives. Besides that, the SpamExperts team is generally very helpful throughout our deployment and day to day usage,” said James Lee, President of Aspiration Hosting Inc.

5. HIROKAZU NISHI

Meet Hirokazu, CTO of Veriteworks Inc, a certified Magento Developer. In September 2007, Nishi got introduced to Magento and explored upon Japanese localization. Nishi’s efforts have contributed a great deal to Magento community. He organized Meet Magento Japan, the Meganto Japan User group and Advent Calendar Magento blogging project. He is 2016 Magento Master.

6. KRISTOF RINGLEFF

Meet Kristof , the founder of Fooman, a Magento technology partner and extension provider. His company is trusted around the world. Kristof has been engaged with Magento since its first release and has contributed in making lots of free and commercial extension that aided administration and saved time and money. Kristof offers friendly and trusted advice on Magento. He was selected as 2016 Magento Master due to his tremendous contributions in community through Auckland Megento User Group, MAgento Stack Exchange and enabling extension company dialogue through the Extension Developers Network (EXTDN).

7. MUKESH TIWARI

Meet Mukesh, senior software engineer at Brady Corporation in Banglore, started his career in 2012 and has been working with Magento since then. He usually spends his time on Magento Stack Exchange as well as StackOverflow. His has contributed on Magnento Forums on range of topics and has helped the Magento Community in India, helping him become Magento Master 2016.

8. KUBA ZWOLINSKI

Meet Kubs, Founder & CEO of Snowdog, Silver Magento partner and certified Front End Developer. He is the father of three amazing kids’ White water, Kayker and Trail Runner. He is the organizer of annual international Meet Magento conference in Poland, an annual meet-up of Magento community and enthusiasts from all over the world. Kubs is translator and manager of Polish language pack in Magento 1 and 2. When it comes to work he is a dedicated professional. His contributions to Magneto have made him Magento Master of 2016.

Conclusion

The Magento community is enriched with people willing to help newbies and professionals. Thanks to Magento Masters program which revealed us the top Magento-Makers in Magento community. Magento Masters play a great role in building up a sustainable Mganeto community. The contribution from every single person counts so if I missed someone, feel free to share your opinion in comments below. Your opinion can aid my knowledge.