Click Fraud

Although every project is different, we are evolving a checklist of tasks which are common to most Magento web shop projects, when moving Magento store from development stage to production environment.

Maintenance.flag First of all “touch” this file in the root of the Magento installation and it will display a holding page while you are going live. Especially useful if you are using something slow like FTP. Move this file across first and then queue the rest of Magento to transfer.

HTML Head Do not leave the original out of the box default values in the HTML head. You should at least change the “title”, “meta description” and “keywords”, which are essential for the search engine optimisation of your store front. You can access these values via the admin panel: System → Configuration → General → Design → HTML Head.

Catalogue Placeholder Images First of all, lets be clear – your online merchandiser should make sure that all products have images uploaded and associated with them. However, in the real world / or in certain edge cases where products are imported and activated and deactivated quickly – it can be important to make the products available for sale immediately even before images have been made available. In this situation, Magento will display images shown when a product does not have its own image. To do this, create a default set for your site or for a category of products and place them in: catalog/products/placeholder/image.jpg, catalog/products/placeholder/small_image.jpg and catalog/products/placeholder/thumbnail.jpg. Alternatively they can be uploaded in admin: System → Configuration → Catalog → Catalog → Product Image Placeholders. for a specific store view or for the global website.

Contact DetailsEnsure all the store information and email addresses are set. You will be able to find these in System → Configuration → General and System → Configuration → Store Email Addresses.

Transactional Emails Transactional emails use a different logo to the default one. Make sure that the image that you want to use is saved in your theme directory as logo_email.gif. Remember that the sales confirmation email is the one email which is guaranteed to be opened by your customer. Dont waste this opportunity to include details of store promotions or add requests for user generated content in exchange for vouchers etc. Test email templates thoroughly to make sure they all contain the correct contact details, (which you have set above) and that the correct mail is sent during your chosen observed event.

Base URLs These are access URLs which are stored in the database table core_config_data usually against core_config_id = 3 and 4, but these are likely to change and should not be referred to in this way, instead you can run a query against the path LIKE ‘%secure%’ but this can also be accessed more easily through the admin interface if you have access to: System → Configuration → Web. When you move the site from development environment, they need to be updated otherwise all URLs will be referring back to the staging site.

Favicon Do not forget to create a favicon to strenghten your brand and gain attention amongst all those multiple browser tabs which your customers have open in today’s modern browsers!

Plain Text Passwords are a Security Vulnerability It is a security risk when a website sends out registration or reminder passwords in emails in plain text format. Unfortunately, Magento out of the box, does this by default as soon as a user signs up for an account in your store. To change this behaviour, update the transaction email for “account confirmation” and replace the password with some obsure pattern such as “*****”. If merchants are interested in a “click-to-reset” password recovery module for Magento, please get in contact.

Change the Admin Url Another security issue, it is best to change the URL that the admin interface resides on, to obscure the location of the admin login form (to prevent bots trying to hack into the admin user account). This can be set in System → Configuration → Advanced → Admin → Admin Base URL. Of course make sure your login username and passwords are stored securely, are hard to guess and are changed regularly.

Invoice and Packing Slip Design can be specified in the admin. This is where, you can upload the logo that is to be used for invoices. This is very important aspect of providing your customer with a warm feeling inside when they make a purchase on your store. It is the bricks and mortat equivalent of packaging the items in a cardboard box with a ribbon tied around it and placed in a branded store bag. Just because the customer is online, there is no excuse not to try to offer the best possible service to them as they leave your store. Alternatively you can place logo_email.gif in your images folder in the skin directory.

Tax Settings Double check if anything in the configuration was overlooked in the development phase. These can be found in System → Configuration → Sales → Tax and also Sales → Tax.

Shipping Origin Directly related to the tax settings, the shipping origin needs to be set to the correct country in order to use the appropriate tax rates, otherwise the default country of United States of America will be used and probably the tax calculations will not be made correctly.

404 PageNot to be pushed to the side of a development of any site. Remember to test it. Customers that find it will already be disappointed, do not let yourselves down by leaving the default Magento blocks still there. This is a great place to advertise your coupons, special offers and details of your user generated content uploading points. Make sure you remove the reference to “Magento Store”. In the CMS page for 404s.

Clean Test Data and Import Remove all products, orders and customers that were created during development. Import customers and orders from the live site of the incumbent system so that sales histories and customer management is seamless.

Product Inventory When importing products the first time around, it is unlikely that you set up to manage stock during development. Before you go live, check with your client which configuration is required. Usually another product import may be required with the actual stock levels included should be putting the store live.

Error Page Design When there is an error on the site, or the maintenance.flag file is set, a different theme is used to display the error message. Without changing this your customers will see the Magento logo and default theme. To adapt this page to your own template you will need to modify the files located in the errors directory. You will not want the error page to print a stack trace. To stop this happening open errors/local.xml (assuming you are working from the sample), and then change the action from “print” to “email”. You can then set an email address for it to send the error report to.

Index Management Ensure you have re-indexed after making any catalogue changes and product and inventory imports.

Caching although on by default would have been the first thing you disabled when beginning development. So, remember to re-enable and refresh it when you are ready to release. If you are using Full Page Cache on enterprise make sure you test with 2 hits on each requests for 2 different users plus anonymous user, so that you can test cache containers are working correctly

System Compilation Another essential way to keep the loading time of your Magento site down, (approximately 25-50% faster page load depending on the amount of custom coding), is to compile it. Older version of Magento had some issues with this feature, but the latest Enterprise, Professional and Community Editions work perfectly. You will be able to find settings for this in System → Tools → Compilation.

Google Analytics To measure how the traffic converts from day one. Magento does all the hard word for you, just set up your Google Analytics account and then put your account number in System → Configuration → Sales → Google API → Google Analytics.

Google Base an essential Google service that is already integrated into Magento. There are a few steps to do this, but we can help if you need more details get in touch

Google Sitemap Simply “Create Sitemap” in Catalog → Google Sitemap. Then, if you are using Google Webmaster Tools you can also point Google towards it. Dont forget to regenerate the sitemap when new CMS content, categories or products are added, edited or removed.

Newsletter Subscriptions Test that customers can sign up and unsubscribe and that newsletters can be sent before you have real customers in the system.

Shipping Methods If you are using a fixed product or cart fee then make sure it is set. If you are going down the cart weight route then you should confirm that the logic is correct and that all products have weights attached to them.

Payment Gateways Double check that your payment gateway is ready to go from testing to live. This should have been tested when you tested the transactional emails earlier.

SSL Certificate Many payment gateways will not allow you to take the system live until you have one.

Module Licenses Some community modules from Magento Connect require you to enter a license key – is the key valid when you move domains? If not find out how to obtain a new one.

Automated Tasks – Turn on the Cron JobsSome tasks in Magento require scripts to be run periodically in order to keep things up to date, e.g. Google Sitemap.xml. In order to configure these you will need to look in System → Configuration → Advanced → System and modify the Cron.php file in the root of your Magento installation.

Log CleaningMagento keeps logs in the database, which, over time, can become bloated. There is an option in admin to clean the logs periodically, it can be found in: System → Configuration → Advanced → System → Log cleaning. This will need enabling as it is disabled by default, we recommend daily cleaning. For high traffic stores, you should optimise the log tables regularly as well in order to keep their size down.

Database Backup and Restoration Strategy Make database backups regularly, and know how to restore when the time comes. There’s even an Automatic Database Backup module to do it for you.

Support Once you have gone live, don’t expect that to be the end of development. There are likely to be many bug fixes, editions and further development work. We recommend using an SVN or git repository to keep up to date with all changes. This way we can always have two identical versions of the site; one that is public facing and the staging area. Once we are happy with changes we can push them live. With ssh access this could not be simpler with a git pull but becomes slightly more difficult if only FTP access is available, in this case we need to create black boxes of code and tag them before releasing them in a controlled manner.