If your brick-and-mortar store was on fire, what would you do? You’d call 911, drop everything you were planning, and do whatever it took to put the fire out.
Here’s the scary part: there’s an excellent chance your store IS actually on fire—only we’re not talking about your physical store, we’re talking about your Magento eCommerce platform. If you don’t think so, ask yourself when you last had a code audit. If the answer is more than a year ago, your online store probably has security vulnerabilities that are just as dangerous as a raging fire inside a physical building. And if there were fire hazards in your actual store, would you just cross your fingers and hope for the best? Of course not—but this is how many eCommerce companies handle their Magento stores.
Don’t wait until you smell smoke. Just as every building has a fire escape plan, you need a strategy to handle an eCommerce blaze. Here are three steps to put out a Magento eCommerce fire.
1. Check it on Magereport
If your building was on fire, what’s the first thing you do? You wouldn’t run around flailing and screaming—you’d stop and evaluate the situation. You would look at where the fire is before you tried to figure out how to stop it.
The same principle applies to protecting your website. While you can’t make your code stop, drop, and roll, you can check for the flames by visiting Magereport and entering your URL. If you see any orange or red boxes, you have serious security vulnerabilities that need resolving. While Magereport makes it easy for you to see your site’s weaknesses, it also makes it easy for everyone else to see any security weaknesses you have. How would you feel if someone could type the address of your store and see how easy it would be to break in?
That’s why you need to know if your store is on fire. Just as possessions and assets can go up in flames in a real fire, weaknesses in Magento can destroy your life. Sure, you might be thinking,
“People can see my weaknesses on Magereport, but do I really need to be afraid of? I’m not Sony or the White House, why would my data be valuable to anyone?”
Two-word answer: online payments. Getting the customer payment information that your platform processes is incredibly lucrative for hackers. Without the right patches, someone can run a script that will scrape the credit cards of everyone who uses your site. This can cause online payment processors to pull out of your site and you could be sued for damage inflicted by the scraping, effectively ending your business. The lesson? Don’t let code weaknesses destroy your online store.
2. Get Expert Help
Once you determine that there is a fire, you need to find the cause. More than Magereport, you need to know where your eCommerce issues are and how you can fix them. When’s the last time you reviewed the code for your website? Several months? More than a year? No matter how you answer, your site can benefit from an outside expert checking your security and store functionality. The way Atlantic BT handles that is by doing a code audit.
Essentially, a code audit reviews core Magento code, any plugins, modules, or third party integrations and the code functionality. In every audit, we:
- Document third party dependencies and integration points
- Identify areas for improved ease of administration
- Identify if versions of Magento/PHP will also need to be upgraded based on Theme selection
All of this can tell us how your website can run better and what you’re at risk for. That way, we can eliminate virtual fire hazards before they burn your website to the ground.
It’s important to note that, while a code audit does run analytics for your online store to evaluate site performance, this is not the main focus of a code audit. A code audit is not a marketing tool designed to directly leads to sales; it’s about seeing what’s broken. While you might think your budget is better spent on improving your online marketing, remember that you can’t market a hacked website with revoked payment methods—just like you wouldn’t spend money on more advertising if your physical storefront was on fire.
3. Clean Up Your Code
Just as a messy store environment can be more of a fire risk, messy code can make your eCommerce platform more vulnerable by allowing hackers more opportunities to enter your system. Too much clutter in the backend can also slow your website down and make it harder for customers to navigate. Unused plugins, the wrong version of Magento, or using poorly-designed themes are all things that we look for in a code audit. More specifically, we:
- Identify themes that will have the least impact to the site’s functionality.
- Make estimates of future design and development phases based on theme selection.
Checking on the themes, what plugins are actually being used, and other site analytics can tell us how your eCommerce page is performing. Not sure this is an issue for you? Check it out yourself. In this blog post, we take you through step by step to check for browser rendering issues in Google Analytics. Once you see what’s going on, our code audit can give you a good look at what’s contributing to that in the code.
Don’t Fight Fires Alone
Finally, don’t forget to get someone to help you along the way. At Atlantic BT, we have the resources to perform code audits and put out your eCommerce fires as well. Once you see how your site is doing with Magereport, reach out to us about getting started with a code audit.