1. Saucal
  2. Read Blog

Damn Good Content To Grow Your Business In The Digital World

Insights, Ideas and Innovations from the brains of the Saucal NERDS.

Suffering from Slow Search Speeds in WooCommerce? Give Your Site a Boost with this Free Upgrade
28 Sep

This post originally appeared on Codeable.

We’ve recently experienced some serious issues with WooCommerce search on eCommerce sites that process a large number of orders. The postmeta table needs to be queried when looking for a specific meta_value, which causes a major slowdown. For example, querying the “my orders” section would take 5s or possibly even more, depending on the server environment. To make matters worse, performing searches on the “Orders” screen for orders belonging to a specific email or person can take 30s or more (due to the involvement of extra JOINs on the postmeta table).

Both of the above examples are unacceptable for a website with high amount of traffic and had to be addressed.

Current Solutions And Associated Limitations

After doing some research, we’ve found that these issues are currently handled in one of two ways:

The ElasticSearch solution sounds good in theory, but our experience leads us to believe that it is not a good thing to integrate with WordPress. This is due to the huge number of differences between the base WP datasource (which is MySQL tables) and the ElasticSearch indexes.

While ElasticSearch performs partial searches very well and is pretty good at “guessing” what you intend to write in the search query, these minor benefits are definitely not outweighed by the downsides of integrating these two data sources:

  • latency between the ElasticSearch instance and your hosting provider (note that this won’t be an issue if you have ElasticPress installed on the same server as your PHP environment, but this is not a common scenario with today’s managed WordPress hosting solutions), and
  • the number of orders covered in each result (across all pages) is narrowed down to just a couple hundred.

In this case, we would need to query the ElasticSearch instance and then pass on the matched post IDs to WP_Query (while adhering to the max length of the SQL query being sent to MySQL). This breaks the workflow for wide range searches, and could potentially provide a misleading number of total results to the store manager searching the Orders screen.

Now, onto the secondary index table. The original solution was presented to us by Patrick Garman, a fellow WordPress developer. He originally intended to just improve the “My Orders” section of WooCommerce, but we thought that this fell a bit short for our needs.

We know that his current implementation is just meant to be a temporary fix until the release of WooCommerce 3.0 and the huge database revamp that is planned for it (which will fix the issues we are discussing in this post). We also know that WC 3.0 is not slated to be released until mid-2017, and since we need to make our customers happy before then, we forked Patrick’s implementation.

Our Proposed Solution

The original implementation of the order index only indexes the Order IDs and the Customer IDs in a secondary table (which is what Patrick set out to fix). His solution is to modify the “My Orders” WP_Query to use his index.

We extended this in a couple of ways:

  1. We’ve included the customer emails (both the billing email on the order and the customer email which is derived from the customer assigned to the order). Whenever you search an email in the orders view of the admin section, we trigger the use of the index instead of postmeta.
  2. We’ve included the customer names (billing, shipping, and display name of the assigned customer).

Here we come across an issue; we don’t want to completely remove WooCommerce’s existing search features, but we need to have some way of using the index conditionally for faster searches. This is because our index doesn’t support Address search, for example, and WooCommerce functionality covers that.

In order to achieve this, we’ve included a parameter like search. Whenever your search parameter is “name:John D,” we return all orders with names that match John D using a wildcard search. You could search for the Order ID in WooCommerce but we felt we could make it easier, so with our solution, you can just enter the search term “#1456” and have order 1456 returned to you.

How To Implement It

In order to install this index, all you have to do is install our fork of the plugin and then enable it. Here’s the URL: https://github.com/saucal/wc-customer-order-index

The only complication at the moment is that you need access to WP-CLI to create the initial index. We’re working on enabling an AJAX interface which will allow you to build the index without WP-CLI.

For now, after you enable the plugin, you need to open up your WP-CLI interface and enter the command “wp wc_coi reset_index” for it to start generating the index for you. The time this process takes will vary depending on the number of orders you have on your site.

How Things Have Changed

WooCommerce Search Before

With the use of this plugin, we have been able to vastly improve the performance of our customers’ large stores. Here above you can see an example where the time was up to almost 40 seconds. In one of our worst performing cases, email search on WP-Admin was taking over 50 seconds.

WooCommerce Search After

Using this plugin, we reduced the search time to less than 5 seconds, improving it by 867%!

Wrapping Things Up

We tried the ElasticSearch solution for one of our customers and it had too many moving parts for our liking. We prefer something that stays within the scope of WordPress and doesn’t require our customers to sign up for any external services.

To be clear, this is not a problem of ElasticSearch as a technology. It’s just that it’s too different from how WordPress works, so integrating the two created a few downsides that for us were deal breakers considering what we were trying to achieve. Additionally, we had to rely on a complex third party plugin (10up’s ElasticPress).

We iterated on Patrick’s approach and extended it to fulfill our customer’s most common needs. As a trusted WordPress agency, we know that this is not the prettiest solution since it duplicates a lot of the data. We just want to provide our customers with a solid workaround until WooCommerce 3.0 is released and renders this solution unnecessary.

Would you have done something different? Feel free to send us a pull request on our repository, we’d love to see alternatives!

High fives to our lead developer Matias for helping me with this article.

written by
on
Show comments
Load this article
Case Study With Seth Kravitz: Hitting the Next Level
26 Sep

Does this sound like you?

You’re getting by with the development team you’ve got, but you’re bursting at the seams. You want to take risks and move your company to the next level, but you’re not sure your team can really handle everything that needs to be done.

Well, that’s the very issue one of our clients faced when we first started working together.

Meet Seth Kravitz, CEO of Phlearn.com. Phlearn is the #1 Photoshop and photography tutorial website in the world, with 1,000,000 YouTube subscribers and customers in 140 countries, they have built a trustworthy, engaging and supportive community available to anyone with a passion to learn.

seth_kravitz_4

Seth spends his time making sure that Phlearn is equally affordable and accessible (without the ego, of course), but he’s most interested in pushing the boundaries of what’s possible with Photoshop, and taking risks to move the company into new territory.

We recently caught up with him for an interview discussing the unique challenges he faces moving his business to the next level, and how we’ve been able to help him maintain steady growth during the process.

Grab this list of powerful takeaways from our case study with Seth Kravitz
Click Here

Seth has only taken over as CEO in the last few months. His goal is to take the company from where it’s been – holding steady for the last five years – to being a much bigger and better platform.

“It’s nice and all,” he quips, “But I think it could be a larger and much more amazing company.”

phlearn

His main challenge in accomplishing that goal was getting the most out of their current platform.

Because Phlearn was already utilizing WooCommerce to power their transactions, Seth needed a way to really get the most out of the platform without sacrificing a lot of his personal time digging through code and reconfiguring the system.

After all, he’s busy trying to revolutionize the Photoshop game. He shouldn’t have to spend hours doing all the dev work.

“I honestly would have started over from scratch, but everything about Phlearn is so heavily built into WordPress that I needed to find an agency that does nothing but WordPress, and more specifically WooCommerce. You really don’t want to mess around when it comes to WooCommerce” (we agree, Seth!).

After a few online searches for agencies in North America that do WordPress/WooCommerce, he decided to ask some engineers over at WP Engine for recommendations. They graciously pointed him our way.

That’s when we had the privilege to meet with him and get more details about his vision and where he wanted to take Phlearn over the next few years.

Phlearn is slowly becoming one of the bigger players in the creative education space, and Seth’s goal is to see that influence reach farther. Security and speed are priorities for his site because he’s looking to transition from their current system to streaming tutorials online.

As of now, users are able to purchase and download tutorials through the WooCommerce platform, but Seth would like to see that grow to something more user-friendly, like a subscription-based model.

phlearn2

That’s part of the reason we’ve been working with Seth: to get his site moving in the right direction.

“On top of getting WordPress sites to be lightning fast, stable, and secure, Saucal has a lot of experience with people switching over to subscriptions. Helping power that transition seamlessly will provide a better experience for the user.”

“I just want people to have a really great experience on our site,” he adds.

But we know that transitioning into subscriptions isn’t always easy, and our goal was to make sure that Seth wasn’t bogged down with the little things so that he could keep kicking ass at the big things.

“There are tons and tons of little projects we’ve been working on as well. Saucal has been very responsive. They allow me to hop on a Slack channel and go back and forth with them at any time, which is wonderful from a customer standpoint. You can tell they’re not just two kids in a basement.” (That’s true).

“It’s like having my own private dev team.”

Click To Tweet

We love working with Seth and his team, and we’re dedicated to helping Phlearn hit the next level so he can take over the Photoshop world (and possibly the rest of the world, too).

If you want to learn more about Seth or get started brushing up on your Photoshop skills from his sweet tutorials, check out Phlearn.com. You won’t be disappointed!

Don’t forget to download this list of powerful takeaways from this case study
Click Here

written by
on
Show comments
Load this article
Can Your Business Grow Too Fast? Yes, Yes It Can
12 Sep

Don’t get us wrong… growth is definitely a good thing.

At the beginning stages, growth is exciting. It’s a genuine validation of all your hard work, time, dedication, sweat, blood, and tears. And, of course, growth is great for the ol’ wallet.

But growth is kind of like owning a pet: One bird is cute. A thousand birds is a Hitchcockian nightmare.

Too much growth too quickly can actually be somewhat damaging to your business if you’re not ready for it. What starts as simple “challenges” you and your team have to face can quickly turn into larger hazards.

Here’s what you really need to know about growth…

Grab your copy of 7 ways to deal with order overload
Click Here

 

business_magazine_illustration_by_vclclown-d36z9kc

Growth Hazards

The e-commerce business is booming, and according to recent research, it’s significantly outpacing brick-and-mortar retail. In fact, if projections are correct, worldwide e-commerce will grow at a rate between 13-15% by 2018.

But rapid growth can bring about some unwanted perils, including (but certainly not limited to):

Cash flow crunches. More growth means expansion. You’ll need to hire more people to manage sales, production, customer service, and more. You’d be surprised how quickly the ebb and flow of cash is suddenly out of control. You maybe, possibly, definitely will experience times of famine.

Spending temptations. Of course, there will be times of feasting, too. Have you ever been so successful that your eyes practically turned into dollar signs? Well no, because you’re not a cartoon. But having a sudden influx of cash makes you feel as if you can buy just about anything (and you might try). Just remember that part of your budget has to go to things like adding team members and bolstering your infrastructure. You’ll have to save your checks to Acme Inc. for another day.

Operational clumsiness. In the old days, a setback in the production schedule or a temporary error on your site probably didn’t cause you to break out into hives, but suddenly it becomes very, very important for all the cogs to operate as functionally as possible.

Customer service failures. On the one hand, being popular is swell. You’ve got customers clambering for your product left and right! They might as well put your name in lights, because you’re headed for the big time! That is, until you realize that more business means more complaints and that you’ll need to beef up customer service if you don’t want bad reviews.

Human resource risks. Hiring new people always comes at a price. If they work out, you’ve gained a valuable resource. If they don’t work out… well, turnover isn’t great on the pocketbook (or the general morale of your business). You will have to learn how to hire smarter.

Decision making changes. Along those same lines, you will have to learn how to make better decisions in general. Roles will shift and responsibilities will be added. You will have to step back from the day-to-day productions that gave you so many thrills in the beginning in order to transition to a leadership role. That disconnect may affect the daily processes of your business if your infrastructure is still weak.

Leadership shortfalls. Finally, you may run into the realization that you just might not be totally ready for the leadership role that has been thrust upon you. It happens. We’re not saying it will happen to you, but we’re saying that growth does funny things to people.

Thankfully, all of these risks don’t have to spell doom if you can recognize them before they happen and learn habits that prevent overload.

Beef up customer service if you don’t want bad reviews.

Click To Tweet

7685847_orig

Preventing Overload

Here’s what you need to know to keep your company running smoothing during any kind of growth (hint: the earlier you can implement these in your company, the better):

Be a soft wineskin. Fun fact: Back in the olden days of winemaking, they would pour grape juice into a leather wineskin where it would then be left to ferment (don’t worry, this is going somewhere). The fermentation process would cause the wineskin to bloat, so it was important that they only put new wine into freshly made wineskins. Pour the new wine into old wineskins and it would burst after a few days.

In the same way, it’s vitally important that you foster a company culture that allows for changes before growth happens. Having a rigid set of rules that can never be broken means that when you do need to make changes, people will freak out. Maybe they won’t burst physically, but definitely emotionally. If, however, you’re a company that encourages new ideas and you don’t shy away from risk, you’ll expand as growth happens. Make sure all of your employees, even at the lowest level, understand this concept, too.

Optimize. Scaling can be great when you know you can handle everything that is thrown your way, but without proper optimization, fast growth can result in slowdowns with your site, orders, and even customers. Make sure your team, equipment, and operations are all running efficiently.

Drop any dead weight. In the same veins of optimization, over the course of growth you will inevitably find customers (and employees alike) that are simply no good for you. The initial tendency is to hang on to these people, either because they’ve been loyal or you’re going through a dry spell and you could use the cash. But clingy or needy customers (or employees) can steal valuable resources away from people who are adding value. If you see vultures flying around someone at your company, don’t be afraid to say, “No thanks” and move on.

Learn how to delegate. This one is fairly straightforward. Don’t do everything yourself. That’s a one-way ticket to burnout. Remember, you can pay people to do almost anything.

Use virtual workers. Speaking of which, having contractors is a beautiful thing. The more you can move your workload to the digital space, the more effort you will save yourself in the long run. Likewise, working with another company that already handles some of the work for you will not only reduce stress, but could provide longterm support for your whole process (that’s why we exist, by the way, so feel free to contact us). Plus, the digital workspace will never be overrun by thousands of birds, so keep that in mind.

Stay hyper-focused on staff. If you love your team and they are doing a great job, make sure it stays that way. It can be easy to focus on the money, or seeing the numbers tick upward on your stat chart, but the people you work with (and for) are the reason you’re in business. Without them, you’d be nothing.

Don’t miss our list of 7 Ways for Dealing With Order Overload
Click Here

Final Thoughts

Remember, growth is a great thing, if you’re prepared to deal with it when it comes.

Watch out for hazards of growing too quickly, including too many slow-downs in your production, rollercoaster accounting books, and people drama.

The best ways to prevent being overloaded during periods of intense growth include staying flexible, getting rid of any distractions, delegating when necessary, and, of course, being really, really nice to your staff.

written by
on
Show comments
Load this article
Discussing Bitcoin
08 Sep

I recently appeared on the Mastermind podcast to discuss bitcoin.

If you’re not familiar with Mastermind, it’s a podcast about building and running Your WordPress business. If you work with WordPress professionally, I highly recommend you subscribe.

In the podcast, I share how Saucal uses bitcoin to pay our distributed team. I also elaborate on the basics of bitcoin.

Listen to the podcast here. Please post your feedback in the comments.

written by
on
Show comments
Load this article
What’s a “Good” Conversion Rate and How Do You Get One?
29 Aug

A lot of people who are looking to give you advice about your WooCommerce site will talk to you about conversion rates.

They’ll tell you to improve them, obviously, because having high conversion rates are a good thing, so they say.

But what the heck is a high conversion rate, anyway?

The problem is that a conversion isn’t as easy to pin down as you might imagine. A conversion is any desired action taken by a user, which can include subscribing to your newsletter, submitting a contact form, purchasing a product, or could literally be any interaction that’s more than a visit to a static page, if you wanted.

But does that mean you’re looking for a 100% conversion rate for everyone coming to your site? How about 50%? 10%? 1%? Do certain types of conversions matter more than others? What if people are just submitting contact forms but you really want them to be purchasing your products? What if you have a 10% newsletter subscription rate but only a 3% cross-selling conversion rate? Are you still successfully converting?

First, take a breath, because that’s a lot of questions and you must be winded. Second, we’re here to help you sort it all out, so let’s dive in…

Don’t miss: 9 Ways to Improve Your WooCommerce Conversions
Click Here

Measuring Conversion Rates

To answer one of the above questions: yes, the types of conversions matter. At least, they’ll matter to you. If you want your visitors to be purchasing products but all they do is sign up for your newsletter, you won’t be happy – even if you have 100% of your visitors signing up.

Ultimately, you want people to be converting in the areas that actually benefit you, but you won’t really know what those areas are until you start tracking your site as a whole.

So, the first thing you’ll want to do is look to see what actions (conversions) are currently taking place on your site, and then determine what actions you want to take place on your site and make changes to connect the two together.

woocommerce-report-category-sales

The good news is that WooCommerce already comes with reports that help you calculate interactions on your site, and if you want some additional firepower you can also use Google Analytics to refine that data further.

You’ll want to look for total number of unique visitors (called “Users” in Google Analytics) as well as the number of actions taken in a specific area – like overall sales in the month of July, or the number of new subscribers to your newsletter.

Then, divide and multiply: Conversions / Users * 100 = Conversion Rate

For example, if you had 125 new orders in July, and 8,000 unique site visitors for that month, your total conversion rate for sales would be roughly 1.5%.

You can do this for each of the subsequent areas of action around your site, and that should give you a sense of your total current conversions. You can also automate this process using a free WooCommerce plugin called Enhanced Ecommerce Google Analytics for WooCommerce.

Shopping-Funnel-report

But Is That Number Good or Bad?

Now, you might be thinking that a little over 1% sounds like a terrible conversion rate, but it’s actually in the standard ballpark (though a little on the low end depending on the area).

Most industry leaders consider 2-3% to be the average conversion rate for online stores, meaning that 20-30 people out of every 1,000 visitors should take an action. You might also find reports saying that 5% is more accurate for eCommerce stores, while 1% is still an acceptable rate.

20-30 people out of every 1,000 visitors should take an action.

Click To Tweet

Either way, a “good” conversion rate doesn’t have to be in the double digits to be effective, but your goal should still be to work toward a conversion rate that’s higher than your current rate. Even a 1% lift from 2% to 3% can mean 50% more revenue for the same amount of traffic.

Of course, the 2-3% is just an average for your overall conversion rates, but in terms of what makes a good rate for specific commerce-related areas of your site, here’s what you’re looking for:

  • Product Conversion Rates: above 5%.
  • Cart Abandonment Rates: below 70%
  • Checkout Abandonment Rates: below 75%
  • Mobile Conversion Rates: half of your overall rate

Ideally, if you can get higher than 2-3%, that’s awesome and definitely possible. 5% is a solid benchmark, and we’ve seen sites as high as 20-25%. Of course, those are champions, so don’t fret if you aren’t there!

Get Conversions Where You Want Them

Once you’ve gathered all of your data and you can see where your conversion rates are strong and where they may be faltering, you’ll probably be wondering how to boost those rates a little bit higher.

While it’s true that there are many different variables that affect conversions – such as sign design, loading speed, product demand, and more – there are also things you can do to improve those rates in each area.

Watch Your Bounce and Exit Rates for Clues

Beyond watching the conversion rates above, you also want to measure similar data like bounce rates and exit rates as well as average session duration.

Your bounce rate is the percentage of people who leave after viewing a single page, which is usually because they’re not finding what they want on your site. You can reduce your bounce rate (and improve conversions) by:

  • Including product tags for better searchability
  • Highlighting products on different landing pages
  • Making categories readily available on your homepage
  • Creating more categories for easier searching
  • Making sure your site is loading quickly
  • Avoiding a hard sell

Your exit rate is the percentage of people who leave after viewing your site without taking an action, and your analytics reports will let you know the last page they were on before they left. If you have a high exit rate for a certain page, that’s a red flag, but in general you can also do the following to minimize your exit rate:

  • Include a strong CTA on every landing page
  • Include visual cues and symbols to direct people to take action
  • Use clear navigation to help them find what they’re looking for

The average session duration gives you a general idea of how long people are browsing your site. A high bounce rate with a low average session duration means that your pages aren’t grabbing the right sort of attention.

Screenshot-2016-05-01-18.27.00

You can help maximize conversions by:

  • Simplifying your designs and including white space to draw attention to products, “add to cart” buttons and other CTAs
  • Remove unnecessary elements that might distract or confuse visitors
  • Use sharp images that grab the eye for both product pages and landing pages
  • Provide important information and explanation for confusing products/features of your site on the whole

By improving the overall experience of your storefront you’ll minimize your bounce and exit rates and improve conversions rates, too.

Look at Your Sales Funnel for Clues

Technically, all conversions aren’t created equal.

There’s a difference between what is considered a “micro-conversion” (e.g. a newsletter) that would happen at the top of your sales funnel, and a stronger conversion that happens near the bottom of the sales funnel, like a purchase.

If you’re noticing more newsletter subscribers but your actual sales figures haven’t improved, it could be an indicator that your tactics are being focused in the wrong place.

While a micro-conversion is still good because it leads your users further into the funnel, you want to make sure that your conversions are strong from top to bottom to maximize effectiveness.

Looking to improve your conversions? Here’s a list of 9 ways
Click Here

Final Thoughts

Be sure to watch your metrics on a daily or weekly basis, look for red flags on certain products or landing pages that might be causing low conversions, and make any necessary changes as needed.

Determine which specific actions you want your users to take and then create design elements that help them make that action, whether it’s subscribing to a service or newsletter or purchasing a product.

Oh, and don’t freak out if your rate seems low at first. Remember that 2-3% is normal, and you can always improve it over time.

written by
on
Show comments
Load this article
Why Your Lame Passwords Will Be the Death of You
15 Aug

Cybersecurity is a big deal, and if you’re not paying attention, it can come back to haunt you.

You may be thinking, “Who, me?” Yes, you.

While there probably isn’t a crew of expert hackers trying to steal your data or net millions of dollars in credit card information (you’re not Target, after all) the vast majority of hackers do want to use your server to send spam emails, which is the number one reason for hacking smaller sites.

That’s why it’s super important to make sure your WooCommerce site is fully secure. But before you shrug your shoulders believing that WordPress has you covered already, think again…

Don’t miss: Has My Website Been Hacked? Your WP Security Checklist
Click Here

Why It’s Easy to Overlook Security

Best-WordPress-Security-Plugins-shutterstock_252971932

Don’t get us wrong, WordPress is a killer platform, and we wouldn’t be in business if we didn’t see its inherent value. While its biggest draw is that it handles a lot of the work for you, it’s also easy to assume that WordPress is handling all of your security concerns.

Sure, you might install Akismet to protect against those pesky spammers, but when is the last time you really looked at how easy your site is to hack? We’re not putting words in your mouth here, but probably never, right?

What WordPress/WooCommerce Does Protect Against

Well the good news is that you’re not totally screwed, because like we said, WordPress does protect you against some things. For example:

  • WooThemes for WooCommerce frequently works with WordPress security professionals who audit their work, frequently checking for vulnerabilities
  • WordPress can use SSL certification (through your hosting service) to create safer shopping experiences
  • There are various plugins that will help protect your site further
  • Latest version releases come with built-in security features against most major threats

What It Doesn’t Protect Against

Here’s the bad news. Less than three years ago, 73% of the popular sites using WordPress were considered “vulnerable” to cyber attacks. In fact, of the 10 most vulnerable plugins, five were commercial plugins available for purchase, and one of them was an honest to goodness security plugin.

Which is why you need to be extra vigilant. Here’s what WordPress or even our beloved WooCommerce might not protect against:

  • You forgetting to keep your theme, plugins, and version of WordPress up-to-date
  • You downloading plugins from an unreputable or untested source
  • You using “admin” as a username
  • You not changing your passwords often or using weak passwords
  • You configuring your file directories the wrong way
  • You forgetting to backup your site on a regular basis
Come to think of it, human error seems to be a common theme.

Click To Tweet

Actually, come to think of it, human error seems to be a common theme here. But if we’re honest, forgetting to update to the latest version of WordPress the second it comes out isn’t going to topple your e-commerce empire. Rather, the biggest thing that you’re not safeguarded against on that list is weak passwords. Here’s why…

Why Passwords Are Your Biggest Risk

Have you ever watched a hacker movie or literally any episode of a detective show ever made? There’s always that one character that is (thankfully) working for the good guys who can guess the password on a suspect’s computer simply by knowing what the person’s dog’s name is or their birthday.

We may giggle at it in retrospect, but people are notoriously bad at picking passwords. In fact, 21% of people use passwords over 10 years old, 47% of people use passwords at least five years old, and 73% of all online accounts are guarded by duplicate passwords.

While it may seem like no big deal to you, we should remind you that you’re running an e-commerce business built on thousands of user generated passwords, and if a hacker gets access to one, he gets access to them all.

Your mission, therefore, if you choose to accept it, is to not only create secure passwords for yourself and your team, but also do everything in your power to encourage your customers to do the same.

What Secure Passwords Look Like

We’re not trying to scare you, but the fact is that hackers are getting smarter, and hacking technology has significantly improved in the last few years. You’ll have to go above and beyond to create a truly secure password. Here’s what a secure password includes:

  • Avoiding “dictionary words” (common words), anniversaries, and birthdays
  • Including a mix of capitals, lowercase, numbers, and symbols
  • Prioritizing length – long passwords are less likely to be hacked
  • Generating random passwords whenever possible
  • Creating unique passwords for each account and site

We know that the last one is a tough one, because remembering random strings of letters and numbers over multiple accounts and profiles is genuinely hard, but the more random the password can be, the safer it is from hackers. The best approach is to use a dicelist to generate a completely random password (here’s a good one, and this one too) that’s less likely to be hacked.

If you manage multiple WordPress/WooCommerce sites or you have a larger team that all need access to your site, consider using a service like ManageWP. It’s also extremely important to have a good host for your WordPress site, as we’ve mentioned before.

How to Incorporate Secure Passwords Into WooCommerce

Okay, now for the good news. Since the release of WooCommerce version 2.5, secure password strength indicators are built in to the system. Whenever a new account is being created, a popup will appear and hassle the user (not really) until the password meets certain standards.

pw-strength
But the creation of the password is still up to you and your customers. That’s why it’s a good idea to remind them using text and microcopy around your forms and landing pages about the importance of creating secure passwords.

You can also do a few other things to make sure your site is safe from even the laziest of passwords:

1. Enable two-factor authentication (2FA) on every account. Just because your admin account has an amazing hacker-proof password doesn’t mean all of your accounts do. 2FA relies on a second step, like sending a text to a smartphone, to authenticate a password, which makes it helpful against potential threats.

2. Limit brute force login attempts with Jetpack Protect. One thing can be said about hackers is that they never really give up if they want something. Thankfully, Jetpack’s security features – Jetpack Protect, for instance – allows you to limit the number of times that someone can unsuccessfully login to your site. And if you’re worried about forgetful customers getting locked out, you can also whitelist IP addresses.

Screen-Shot-2016-02-15-at-8.41.33-AM

3. Use (trusted) security plugins to scan your site. As long as the plugin is from a trusted source (look for good reviews from users and that it’s verified with your version of WordPress – and frequently updated), you shouldn’t have to worry too much, just make sure to keep it updated and implement the other security measures. Don’t just rely on a plugin.

Final Thoughts

We’re not saying that your passwords need to be a version of the chess game from War Games in order to be successful, but they do need a level of complexity more than adding your birth year to your favorite child’s initials.

Make sure your admin accounts (which shouldn’t be called “admin” as a username) and each individual account associated with your site have complex and lengthy passwords. Encourage your users in as many ways as possible to beef up their passwords, too.

Finally, it’s okay to trust WordPress to do their job, but you can’t forget to stay vigilant on your end. Not to say that hackers are lurking behind every bush, but hey, if Hollywood is anything to go by, crazier things have happened.

OH NO! Has your site been hacked? Check out our security checklist just to be safe.
Click Here

written by
on
Show comments
Load this article