Magento 2.3.4 Release: An Overview

Magento 2.3.4 is the latest release of Magento 2, generally available on 28th January and available to Magento Commerce customers and partners for pre-release from the 14th January. The release includes substantial enhancements to security, quality, plus the introduction of new platform technologies.

Magento Commerce 2.3.4 Key Updates

 

Security Enhancements

Magento has added 30 security enhancements to avoid vulnerabilities, such as hackers accessing customer information or gaining access to the admin. Security enhancements to the core code include: 

  • Removal of custom layout updates and the deprecation of layout updates to remove the opportunity for Remote Code Execution (RCE).
  • Redesigned content template features so that only whitelisted variables can be added to templates. 

Magento has also taken this opportunity to remind merchants of other necessary steps to protect your Admin inc. IP whitelisting, two-factor authentication, use of a VPN, use of a unique location rather than /admin, and good password hygiene

 

Performance Boosts

Like with any other release, there are a host of performance boosts merchants will benefit  from, including:

  • Eliminated redundant non-cached requests to the server on catalogue pages.
  • PHTML files have been refactored to better support bundling.
  • The ability to disable statistic collecting for Reports module by default for performance reasons.

 

Page Builder Enhancement

Magento’s Page Builder also benefits from key enhancements in Magento 2.3.4, with several upgrades to improve usability and functionality. These updates include:

  • Improved product sorting
  • Improved product carousel
  • Content optimised for rendering on the storefront using the Venia Theme (PWA Studio). 

 

Inventory Management Enhancements

The enhancements to the inventory management functionality include fixes to well-known performance issues and GraphQL bug fixes, such as:

  • Addressed issue with higher than expected loads on the database server in scenarios involving the shopping cart.
  • Update to the Inventory Reservations CLI command to reduce memory usage.
  • Update to multiple quality issues, relating to credit memos, grouped products, source and stock mass actions.

 

Improved GraphQL

This release includes improved GraphQL coverage for search, layered navigation, and cart functionality. The following fixes are available:

  • Guest carts can now merge with customer carts. 
  • A customer can start an order on one device and complete it on another.
  • Filtering by customer attributes in layered navigation.
  • You can search categories by ID, name, or URL key. 
  • Fixes to product tax and product-level discount information.
  • Information about promotions and applied discounts at the line and cart levels.

 

New B2B Features

Magento is a keen favourite for B2B and hybrid retailers and with Magento 2.3.4 comes further improvements to their B2B offering. Improvements include:

  • Ability to export requisition lists into CSV format. 
  • Granular ACLs for B2B modules. 

Alongside the key updates we’ve touched on, there have also been many platform upgrades and infrastructure improvements which enhance the overall website security and core quality included in the upgrade.

For Magento’s full release notes, please see the following Dev Docs.

 

Magento releases product updates which include critical security updates quarterly, and you must keep up-to-date with them to remain secure and benefit from the platform’s full potential. For an experienced Magento agency, these upgrades are fairly straightforward and if your site is well maintained, they can be relatively pain-free. Still, the amount of time an upgrade will take depends on two main factors – the complexity of the site (i.e. the amount of custom and third-party functionality) and which version of Magento the site is upgrading from. 

Looking for support with your Magento patches and upgrades? As a Magento Solutions Partner, we offer Magento support packages to help you remain secure and ahead of the curve.

Introducing Perkbox at AYKO!

Investing in our employees and being a great place to work is crucially important to AYKO. Happy people make productive people, who ultimately deliver the best work. We wanted to find a way this could be rewarded, not only inside the workplace, but outside of the workplace as well. 

After shopping around and doing lots of research, Perkbox seemed like the perfect solution and ticked so many boxes for our 2020 Culture & HR Strategy. It offers both traditional employee benefits, as well as more eclectic and lifestyle benefits, which seemed the perfect fit for our dynamic workforce.


Partnering with Perkbox has definitely been the right decision. We aren’t even at the end of month one, and have already seen the Perks being used well, and have weekly employee engagement surveys running to give a great insight on each department. It is so nice to hear employees come to me to tell me how much cashback they have earnt in their wallet, or where they have been using their Perks, whether it be a free weekly drink from Caffè Nero, or a free Cinema ticket when out with friends on a weekend. 

Moving forward, we are planning on using Perkbox Polls and Recognitions to fuel Employee of the Month; something again we feel will help evolve our Culture and enable our employees to get the recognition and feel the value they deserve. 

For employee retention, we are hoping Perkbox will enable us to see an increase, as well as being an Employee Benefit that future team members look for and appeal towards when working on employee acquisition.

How the Use of GIFs Can Boost Your Content

The key to any good marketing campaign is engagement with the audience and an effective way of engaging is to convey information as quickly and easily as possible. Adding to your content using images and videos can help with this, but there are drawbacks to using either. An image may not convey enough information whereas a video could take up too much of a users time, ultimately leading to them being overlooked or ignored.

This is where GIFs come in. A GIF (short for Graphics Interchange Format) is a bitmap image file which can play short moving images, ultimately allowing marketers to convey lots of information in a short space of time. Originally developed by Steve Wilhite of CompuServe in 1987, it is a lossless compression format which is designed for web use due to using a small colour palette of 256 colours per frame of animation used.

These limitations mean that file sizes for gifs are perfect for use in marketing campaigns as they can be distributed to any device, whether it’s desktop or mobile and are unlikely to use up data allowances. With multiple services such as Giphy, Tenor and Imgur all providing a wide selection of GIFs for almost any situation and to suit any need, there are so many options out there for content creators to choose from. 

 

Social Media

GIFs are widely used on multiple social media platforms including Facebook, Twitter and Instagram, therefore if your marketing campaign includes utilising social media, there’s no excuse to not be using the power of GIFs to enhance your campaign and engage with your audience.

Brands such as Disney and Buzzfeed have utilised GIFs on sites such as Tumblr to great effect, whether it’s to allow their audience to simply skim a story or showing how a movie goes from camera to screen, GIFs can mean the difference between your campaign going unnoticed to being one of the most popular brands on a platform.

 

Promotion and Reception

People are becoming less receptive to advertising in the traditional sense forcing marketers to become more creative in how they engage with their audiences. GIFs can be an easy win in this respect through multiple ways.

A custom GIF can be used to announce a new product or partnership, showcasing the benefits to your audience quickly and effectively without being intrusive on their time. Another good example of brands using GIFs to advertise effectively is Starbucks. If you enter “coffee” as a search term on Instagram for their GIF stickers, there’s a good chance you’ll see 1 or 2 GIFs featuring their logo on, allowing users a fun way to interact with the brand while at the same time.

 

GIFs in Email Campaigns

GIFs aren’t just useful for Social Media, they can also increase engagement in email campaigns. In 2014, Dell used GIFs in its email campaign with some impressive results. By using GIFs in their campaign, they benefitted from:-

  • 6% increase in open rate
  • 42% increase in click rate
  • 103% increase in conversion rate
  • 109% increase in revenue

Using appropriate GIFs for your campaign can not only be useful but can lead to a more successful campaign and drive revenue for your business.

 

GIFs and SEO

When using GIFs on your site, it’s important to remember that it can affect your SEO and must be considered carefully. Google has become more and more GIF friendly over the years, but steps must still be taken to ensure that the use of a GIF on your site doesn’t harm your ranking. These are some things to consider when using a GIF on your site…

As with any media, the first thing to remember is to provide the text equivalent for any non-text files. Therefore, you must ensure your site contains metadata for any GIFs used. This doesn’t just help Google, it also helps text readers as well, allowing your site to be more accessible to users, so ensure filenames, alt descriptions and surrounding text all support your GIFs properly to ensure your ranking is boosted.

Another to remember is that while a single GIF in and of itself is a small file and doesn’t require much in the way of resources, loading each page with multiple GIF’s can increase those resource requirements very quickly and can ultimately cause your page to require a lot of data and increase load times for end users, something you want to avoid, particularly if your users access your site over mobile.

 

Final Thoughts

A well placed GIF can increase traffic, revenue and engagement for your business and your site. Custom GIFs can give your audience a better idea of your brand and its values, while pre-existing GIFs can be used to convey thoughts and ideas to increase engagement with your audience. GIFs allow you to advertise without actually advertising to your audience.

While a picture may be worth 1000 words, as the CEO of Giphy, Alex Chung, once said “since the average GIF contains sixty frames, then they’re capable of conveying 60,000 words – the same as the average novel.” meaning so much can be conveyed using one GIF. They can hook your audience in an instant and can be a powerful tool when marketing to them, just remember to use them carefully when on your main site to not detract from your SEO campaign and page ranking.

 

So regardless of whether you pronounce it with a hard g or a soft g, remember, the right GIF can make all the difference in driving revenue, brand awareness and engagement.

Get in touch with our experienced Marketing Team today to build your content campaign further.

Five Ways to Market to Millennials

What is a Millennial? Millennials, also known as Generation Y, are a demographic cohort born between the early 1980s and the mid-1990s to early 2000s.”

Millennials are a hot topic right now –  and with good reason. Millennials are reported to represent 1.8bn people which equates to a quarter of the world’s population. As more and more millennials enter the workforce and climb hierarchy within their workplace, they present a significant amount of buying power. 

If millennials are your target audience or at least amongst them, it’s essential to understand what factors play a role in their purchasing decisions and shopping habits. As just like any other generation, millennials think and buy differently. As a millennial myself, I’m going to discuss what matters most when it comes to parting with our hard-earned cash!

Millennials like to receive confirmation from peers.

With so much competition out there, you must connect with millennials on an emotional level; using real customers and stories to represent your product or brand and build trust with the customer. 

For instance, if I’m looking to buy a new beauty product, I’m likely to read online product reviews to confirm how other people are also finding the product, or I’ll make a quick search on Instagram to see how they’re using it. Build trust with millennials by utilising customer reviews and incorporating user-generated content (UGC) into your website using tools such as Yotpo

Glossier customer reviews via Yotpo 

Influencer marketing is also a massive pull for millennials as millennials put trust into recommendations from their favourite influencers. Develop sincere relationships with thought leaders within your industry who can become advocates of your brand, but be sure to choose the right partnerships. Look for influencers who share your brand values and will maintain an appropriate tone to avoid losing credibility. 

 

Millennials want to save money.

Who doesn’t like to save money where possible? Millennials are no exception. With emerging banks such as Monzo helping them manage their finances, millennials are aware of exactly where they’re spending their money and how they can make savings. For retailers, this means that they need to see a real value in your product to justify the price tag.

Monzo Budget feature 

It’s also important to note that millennials are surrounded by enticing discounts, especially in the world of fast-fashion where prices are regularly slashed by up to 70%. With this in mind, you may want to entice web-savvy and frugal millennials with promo codes or incentives such as 10% off if they subscribe to your email marketing list. If cost-saving options are not presented to them, you run the risk of them abandoning their cart and looking elsewhere to make their purchase.

If you’re not able to offer a tempting discount, what about considering introducing alternative payments such as Klarna? Although customers are not saving money as such, they are being given the option to space out their payments which can help rationalise spending. 

 

Millennials care about their environment.

Newsflash, millennials care about the planet and the impact they’re having on it – they also take an interest in brands that care too. They are more likely to spend money with conscious brands and are often even willing to pay a lot more to know that what they’re spending money on is good for the earth and the people in it – whether that’s when purchasing their morning coffee or a new coat. 

To convey your compassion and authenticity, you’ll want to draw attention to any environmental positives about your service or product. I.e. if your products are recyclable or cruelty-free, or if your brand donates a percentage of its profits to charitable causes. 

Patagonia Black Friday campaign 

 

Millennials crave more profound connections with brands.

From the moment they wake up until the moment they go to sleep, millennials are connected with thousands of brands through their mobile phone. As they’re scrolling through their Instagram feed, they’re craving relevant and engaging click-worthy content. 

Invest in understanding your millennial audience first, tap into their culture and think outside of the box when it comes to content marketing. Where are millennials spending their time, what are they eating, listening to, or watching on TV? Incorporate these interests into your content, across your website, blog and social media.

We also recommend interacting with customers on social media. Be responsive to comments and conversations, promote giveaways and encourage shares. Not only will this inspire millennials to shop with your brand but will also increase their brand loyalty.

Inthestyle Instagram campaign 

Millennials are mobile-first. 

Millennials use smartphones more than any other generation. They appreciate the convenience of online shopping and discovery, and they love to multi-task – which is all made possible with their smartphones. The good news is there are endless ways you can optimise your customer journey for mobile.

Firstly, ensure your site design is mobile-first and your web content is optimised for mobile devices. Then look at other ways you can make it easier for them to interact, browse and make a purchase on mobile. Perhaps you could introduce payment methods such as ApplePay or Paypal to make your checkout process quick and easy, or utilise Instagram Shopping so customers can shop in-app? The options are endless.

 

Ultimately millennials have immense spending power and are more likely to engage with your brand if it resonates with them or fits with their busy lifestyle. By tuning into what matters most to millennials and adopting some of the above key strategies and tools to connect with them, we hope you can start your journey marketing to the most advanced generation yet.

Want to resonate with your target audience and enhance customer loyalty? Our Performance Marketing team can review your current strategy and offer strategic recommendations to drive deeper connections.

Shopify vs. Shopify Plus

Shopify provides a very convenient eCommerce platform allowing businesses to easily get set up online and selling quickly. Whilst the plans can be quite cheap allowing businesses to select tiers based on their business needs, sometimes they don’t cover everything required to operate your store as you need to.

Shopify Plus caters to businesses operating at enterprise scale and is available for $2000 a month, but offers some very powerful tools and facilities to help ensure your store runs as smoothly as possible. Below are some other features which come as part of Shopify Plus and the benefits they give to businesses.

Shopify Launchpad

Shopify Launchpad is a scheduling system for Shopify stores to allow businesses to automate and schedule changes to their store, such as enabling discounts or launching new products. It’s a tool that very much allows for a “set up and go” mentality, allowing you to focus on driving your business forward.

A good use for this is for a Black Friday sale. With Shopify Launchpad, you can set up discounts on select products or enable a discount code and set the start and end dates for each event, allowing you to automate the discount process. You can also set up a store theme specifically for Black Friday to show only during your Black Friday sale period, seamlessly reverting back to your default theme once the sale is over.

As mentioned previously, you can also use the feature to show specific products on your site on a specific date and time in case there is an embargo, or if the product isn’t announced or released until a certain date. With Launchpad, you have complete control of the automation and don’t need to worry about it once it’s been set up.

There are a couple of additional features you can set to help with either generating excitement with your customers or to prevent false orders being placed, the first of which is password restricting your automated launch. This allows you to create a more exclusive event for certain customers which can be used to generate hype for your store.

You can also set Launchpad to use a CAPTCHA, meaning when someone attempts to checkout a product, the system will check to see if the customer placing the order is a robot using the Captcha system. This ensures that your store isn’t bogged down by bots, ensuring more genuine orders and increased customer satisfaction.

Arrange a business consultation with our Directors to help you assess the correct platform for your eCommerce business today.

For a free eCommerce consultation submit your details here 

 

Shopify Flow

Shopify Flow is a tool that allows you to create flow diagrams to classify actions on Shopify and tell the system how to respond to those actions. This can be used for a range of purposes, such as rewarding customers who spend a lot with your store and can be enhanced using a range of add-ons from the Shopify store. With Shopify Flow, you can have your system react based on how customers use the store and what you need to generate more revenue for your business.

An example of how this would work is as follows, imagine a customer makes a purchase on your store of approximately £600. With Shopify Flow, you can create a flow diagram with the following process:-

As you can see, using the above diagram, Shopify will determine the total spend of the customer, and depending on the current spend, will either reward the customer with 10% off their next purchase or entice the customer with 20% off their next high spend purchase, using the example mentioned before, as the customer spent £600, they would receive 10% off their next purchase.

Shopify Flow allows for easy automation to generate increased revenue by enticing customers to repeat spend with your business with minimal work and fuss from you. By setting up a few flows for your site, you can easily reward your valued customers, whilst also creating new ones and ultimately, generating revenue for your store.

Request an eCommerce Consultation

Script Editor

As standard with Shopify, businesses only have a limited degree of control with their checkout process. Certain changes can be made to the style, whether an account is required, order processing and more. The options available can cover most use cases, but sometimes larger enterprises need something with a greater degree of control.

This is where script editor comes in. Script Editor allows businesses more granular control of their checkout process with custom code. This is a tool which does require some technical knowledge but can provide powerful results, allowing for a more tailored checkout experience for your store. Our developers are highly skilled in using Shopify’s Script Editor to create bespoke solutions for any scenario.

Scripts can be used for many reasons, such as applying discounts based on the items in the shopping cart or other cart properties. You can customise shipping and payment options available to your customers. With scripts, you can gain advanced custom functionality without compromising flexibility or maintainability. It’s also good for adding functionality without maintaining applications or keeping servers running as the scripts are all run as part of your store rather than separately.

 

Summary

Shopify Plus includes powerful tools to help increase revenue and automate running your store. It also offers other smaller features not mentioned in this article, such as more control over currency conversion if your store trades in multiple currencies, and the ability to add up to 100 themes for your store which allows you to have a theme for any situation and more. Whether Shopify Plus is a good idea will vary depending on your business’s needs. However, it does offer excellent functionality at great value for money, proving beneficial for many businesses’ under the right circumstances.

If you’re unsure whether Shopify Plus is the right platform for you, get in touch with one of our Shopify experts for advice on which path is right for you and your business.

eCommerce Trends to Look Out For in 2020

In the ever-evolving eCommerce landscape, retailers must stay current and adopt new technologies and strategies ahead of their competition. From Chatbots to video and on-site personalisation, 2019 brought many new eCommerce trends to the market, allowing retailers to connect with customers on a deeper level.

As we embark on a new decade, 2020 brings new challenges and opportunities such as drone delivery, flexible payments, and so on. Discover our recommendations of which trends to focus on and incorporate into your strategy for a prosperous year ahead. 

Responsible and Sustainable Shopping

A company has a corporate and social responsibility to minimise the adverse effects they have on the environment, whether that be through the way they manufacture products or ship deliveries. Consumers have also become more mindful of the impact they are having on their environment and the economy, and as a result of this, brands who advocate sustainability or have invested ethically will see a rise in popularity. 

Attract a new age consumer by shouting about the use of recycled or upcycled products, streamlined shipping procedures, sustainable manufacturing processes, thoughtful packaging or how you are giving back through charity or community work such as planting trees. 

In a bid to reduce its environmental footprint in the fashion world, & Other Stories offer a simple in-store recycling program – recycling their beauty packaging in stores worldwide and textiles in the UK and the US (via partners I:CO). Users of the scheme, receive a 10% discount on new purchases as an incentive, plus the ‘feel good’ factor. 

Voice Search Queries

It was reported by Shopify, that just over 20% of search queries are now made via voice and experts predict that 50% of search will happen via voice in 2020. As more and more consumers make purchases from an Alexa or Google Home device, an unmissable opportunity for eCommerce presents itself.

Remember, voice search queries are generally longer than typed search queries, so concentrate on long-tail keywords to ensure your product or service presents itself to the consumer. Without the use of product images, voice devices solely rely on product descriptions, so ensure that they are as descriptive, compelling and as clear as possible to maximise the chance of a conversion. 

As early adopters, Esteé Lauder is currently dominating the beauty market when it comes to voice search queries. The global makeup and skincare brand partnered with Google Home to create a voice-activated skincare expert name “Liv”. Liv can answer all beauty related questions while recommending an Esteé Lauder product within her response. 

Social Commerce

We’re all guilty of too much scrolling on social media, lusting over influencers and being sucked in by those perfectly targeted ads. Social Commerce allows brands to target customers across social media and offers customers the ability to make purchases conveniently via social platforms such as Instagram. 

Having released its Beta Checkout feature recently, Instagram Shopping is sure to lead the way in 2020. The feature which is available in the US and will soon be available in the UK, allows the entire eCommerce process to happen directly within the Instagram app rather than directing the user to an actual eCommerce website.

Adidas, Nike, H&M, Uniqlo, Zara and Warby Parker are among the 20+ brands working on the beta rollout of Checkout on Instagram.

In the meantime, take full advantage of Social Commerce, by considering the following: where are your customers the most active, when are they most likely to make a purchase, i.e. payday or end of the week, and how you can use a platform’s current features and functions to spur conversions? To help with this, we recommend investing in engagement tools such as Yotpo, Buzz Zumo and Storyheap, which allow you to better connect with your audience on social. 

Google as an Online Marketplace

In 2019, Google unveiled a redesigned shopping destination in the hopes to take on marketplace giant, Amazon. Google Shopping will now act as a marketplace, allowing consumers to discover and compare products from thousands of stores in one location, then check out instantly within their Google account. Shoppers will have a personalised home page where they can filter products based on features.

For merchants, it combines ads, local and transactions in one place. Google is not only the search engine but will also provide support if the customer has any issues, or if they need a refund. This new design is not yet available in the UK, but it’s worthwhile merchants preparing for this and to be ready to treat this as another lucrative selling channel. 

Ultimately, 2020 will be another year of extraordinary growth in the eCommerce space and staying on top of the latest trends will be an essential key to growing your business. We don’t yet know where technology will take us over the next decade, but we do know the factors that are shaping consumer shopping habits today, including sustainability and convenience. If you’re looking to start the year with your best foot forward, chat to our Professional Services team to see how these trends and technologies could work for you.

If you’re looking to start the year with your best foot forward, chat to our Professional Services team to see how these trends and technologies could work for you.

Colour Compliance and Accessibility on the Web

At AYKO we believe that accessibility forms the building blocks for a great and usable website design.  By considering accessibility for all users, you can help to ensure that your site is as inclusive as possible, and prevent your valued customers from encountering difficulties which might otherwise stop them from achieving their goals.

One major part of accessibility is the consideration of users with vision impairments. In this article, we’ve highlighted the importance of colour usage and contrast and how this can affect your users to varying degrees.

Considerations for users with a colour-based vision impairment

The human eye and brain are very good at distinguishing shapes, patterns and colours generally. Still, for a significant number of people, there can be difficulties distinguishing some shades, or some colours. According to the Government Guidelines for Accessibility, around 1 in 12 men and 1 in 200 women have some degree of colour vision deficiency; this equates to roughly 8% of men in the UK!

To make sure your designs are accessible for everyone, you’ll need to ensure that anything indicated by colour also has a secondary way for it to be recognised, i.e. text explanation. Also, for text to be readable or other elements to be distinguishable, they need to have sufficient contrast with the background. The Web Content Accessibility Guidelines (WCAG) states that for level AA, a minimum ratio of 4.5:1 is required for standard text (less than 18px) and 3:1 for large text (18px bold or larger, or 24px or larger).

Considerations for vision impairment among the older generation

Vision impairment is not just prevalent among men, it’s also common amongst the older generation. The amount of light that reaches the back of the eye reduces as a natural part of ageing, making it harder to distinguish between similar colours, in particular, shades of blue which can appear faded or desaturated.

Where possible, we recommend avoiding blue for important interface elements. Using more accessible colours will improve the user experience for the older generation, who have become much more web-savvy and willing to spend their disposable income online. 

Considerations for users with dyslexia

Web accessibility doesn’t only extend to vision-impaired users, but also dyslexic users whose learning disability impairs their accuracy or ability to read, write, and spell. Several bad practices can cause visual distortion effects for dyslexic users, including certain uses of font, spacing, and colour. 

From a colour perspective, dyslexic users may be sensitive to brightness and high contrast. For example, pure black (#000000) on a pure white (#FFFFFF) background can cause the words to blur together. To minimise glare and avoid this barrier, you could use an off-white colour or a dark grey as an alternative to pure black.

When designing a website, page, or element, make sure you consider all users from the beginning and meet colour compliance guidelines. If the content or design is inaccessible to users, you’ll run the risk of increased site abandonments and potential loss of revenue. Do what you can to accommodate the needs of all users, and you will build satisfaction and trust amongst your customers. 

Looking for guidance on how to enhance the accessibility and usability of your site?  Our Creative Services team can advise you on the next steps.

A Beginner’s Guide to Adding a robots.txt File To Your Website

Google has an insatiable appetite for content, webpages, and anything else on your website it can find.

This is great, but as we mentioned in a previous post about crawl budget, large stores can suffer from Google trying to access every single page within their domain for a number of different reasons.

In this article we’re going to cover the use of the robots.txt file – a last-ditch option often used to prevent crawlers from accessing areas of a website it doesn’t need to crawl and you don’t want in the index. 

Disclaimer: Although it can be very useful, this file should be used with extreme care, as the wrong implementation could exclude more than intended – and in extreme cases – remove your entire website from the Google index.

Basic Setup

To begin with, let’s start with setting up a basic robots.txt file and how to implement it on your site. The basic format for a simple instruction set is as follows:-

User-agent: [user-agent name]
Disallow: [URL string not to be crawled]

This is the basic information a robots.txt file will need to instruct crawlers how to crawl your site. The user agent name will be the name of the crawler e.g. Google’s would be “Googlebot”, Microsoft Bing would be “Bingbot” etc. You can also provide instructions to all bots using “*”.

The URL string is the web address after the main domain to access your site e.g. if you have the website https://www.example.co.uk and you want to block the “About Us” page, which is located at https://www.example.co.uk/about-us.html, then after “Disallow: “ you would simply type “/about-us.html” to have the crawler ignore your about us page.

You can set your entire site to be ignored by a crawler by using “/” after disallow, or alternatively, if you want to include your entire site for crawling, you can leave the string after “Disallow: “ blank, telling the particular crawler you’ve provided the instruction to that your entire site is to be indexed by their robot. So, with all this in mind, the bare minimum a robots.txt file would need would be something like the following:-

User-agent: *

Disallow:

What the above does is it tells all crawlers that the entire site can be crawled without restriction. Once you’re happy with your robots.txt file, this needs to be saved to a file named “robots.txt”. It’s important to remember that the file name must be completely lower case and as written in the quotes. If the filename doesn’t match exactly, the file will be ignored and your restrictions won’t be applied.

The file then needs to be located on your site at the top level. So using our previous https://www.example.co.uk site, you would place the robots.txt file so it can be found at https://www.example.com/robots.txt. Placing the file anywhere else on your site will cause a crawler to assume your site doesn’t have a robots.txt file and proceed to crawl your entire site, so it’s important to ensure it’s located at the right address.

Expanded Example

Using the knowledge above, we can create a more comprehensive robots.txt file with more instructions. Let’s take a look at the below example:-

User-Agent: Googlebot

Disallow: /customers/

Disallow: /*.xml$

User-Agent: Bingbot

Disallow: /contests/

User-Agent: *

Disallow: /

Let’s breakdown the above example, the first instruction only applies to Google’s robot and we’ve told it to disallow the customer’s folder of the site, meaning any web page that starts with https://www.example.co.uk/customers/ will be excluded from Google’s crawler. We’ve also included a line stating to disallow “/*.xml$”. This tells Google’s crawler to exclude any page that ends in “.xml”. This is done by using the “*” to denote any string of characters between the “/” and “.” characters and the “$” character to indicate the end of the web address.

A new line is then used to indicate that this the end of the instructions for Google’s robot and the next set of instructions now applies to a different robot, in this case, Microsoft’s Bing crawler. What we’ve told Bingbot is to ignore any site starting https://www.example.co.uk/contests/. Another new line then indicates the end of the instructions for Bingbot.

The final section, we’ve applied to all crawlers, however, this is excluding Googlebot and Bingbot. If a robots.txt file includes a set of instructions for specific crawlers, then includes a section for all crawlers, any crawlers previously specified will ignore any instructions for all crawlers and only apply those aimed specifically at it. We’ve told all other crawlers to not crawl our site as per the single “/” after disallow, meaning that only Googlebot and Bingbot will crawl our site, minus the disallows specified under their respective instructions.

This should show how to create a more complex set of instructions for crawlers of your site based on your needs and their ranking rules. However, what you may find is your site may suffer performance issues due to crawlers accessing your site during peak traffic periods. The last section is going to look at one more instruction which can be used to mitigate performance problems which can occur whilst your site is crawled.

Crawl-delay

You can also defer the length of time between crawler requests to ensure that your site performance isn’t impacted. This is done through the “Crawl-delay” command. It’s implemented as follows:-

Crawl-delay: [time in milliseconds]

If this is included in your robots.txt file, it will instruct the relevant robots to delay accessing pages on your site by the time specified, for example:-

User-agent: *

Crawl-delay: 10000

Disallow:

In this example, we’ve told all robots they can crawl the entire site, however, each page can only be accessed after a 10-second delay. By doing this, it spaces out how many requests all crawlers make to your site reducing performance issues for other users attempting to use your site.

Summary

This article has covered some basic use cases for the robots.txt file that should cover basic setup, specifying instructions for a specific crawler and how to delay their access to prevent performance issues for other users. However, there are more instructions and facilities that can be utilised within the robots.txt file which may benefit your site. For more information on this, you can contact our SEO experts who can answer any questions you have about the best implementation of the robots.txt file for your site and more.

Get in touch with one of our SEO experts today for any questions you have about the best implementation of the robots.txt file for your eCommerce store.

Four Steps to Improve the Security of Your Magento Store

Magento is a platform that is ever-increasing in popularity and status, with a market share of 26% of the top 1 million Alexa ranked eCommerce websites being on the Magento Platform (HiveMind). A negative of such popularity is that, by nature, there are more attempted attacks by malicious users when compared to lesser-known and used eCommerce platforms. As attackers get smarter and seek new methods to disrupt your business, it has become imperative to implement preventive measures and security procedures to help boost your Magento Security.

Over 1,000 compromised Magento websites were discovered which were stealing customer details by installing malware to mine cryptocurrencies on a user’s machines (Leyden, 2018). Usually, this is a result of missing core security patches provided by Magento and can often be prevented with simple security checks and upgrades. In this article, we offer a few simple techniques that could help you reduce the likelihood of a breach and help you rest easy that your eCommerce store is safe.

Magento Security Scanner Tool

Magento actively provides security patches for Magento 2; however, Magento 1 updates will cease from June 2020 due to the impending Magento 1 end of life. Magento provides a Security Scanner which is available to anyone who has a free registered Magento.com account; the tool is free and allows you to get an insight into what patches are missing and information regarding their security best practice.

To set this up, log in to your Magento account at Magento.com and navigate to ‘My Account’ which will provide you with the ‘Security Scan’ option as illustrated below or click this link.

Firstly, you will need to verify the ownership of the website. Magento will provide a confirmation code which you can add via your website admin panel (It will look similiar to this <!–34b703e1041fcfe0a732f56df99c6452→). 

Magento 1 Installation Instructions: 

Navigate to System > Configuration > General > Design and amend the HTML head or footer. 

Magento 2 Installation Instructions: 

This depends on your current Magento version; for Magento 2.0.x websites, you can navigate to Stores > Configuration > General > Design and add to the HTML head or Footer. For Magento 2.1.x, 2.2.x & 2.3.x versions follow Content > Design > Configuration and click “edit” on the relevant theme and then proceed to add the HTML code into your header or footer.

You will likely need to navigate to Cache Management and refresh any invalidated caches for your changes to show. You can check if your tag was added successfully by using Google Chrome and opening a new tab with view-source: https://WEBSITE-NAME-HERE.com/ to view the page source, then using Ctrl + F (or cmd + F on Mac) and search for the same HTML code you added in admin, e.g. <!–34b703e1041fcfe0a732f56df99c6452–>.

You can then proceed to verify the site’s status using the Magento Scanner. Using the scanner, you can set up a weekly or daily scan to automate a scheduled health check for your website, to ensure your complying with Magento’s latest guidelines and practices. After running your first scan, you will then be able to download the contents of the report as a PDF for reference or to send to your relevant website developer or agency.

Magento has also announced that they would be adding an option to set up an SSH scan, which will give you the ability to scan your website files against known malware signatures.

Reach out to one of our Magento certified specialists today.

Sucuri Website Monitoring Tool

Sucuri.net is a security provider that can help identify malware on your Magento store and provide file integrity checking. Unlike the current Magento Scanner, Sucuri Scanner provides server-side scanning, which means the actual files of your Magento website will be scanned daily for any suspect code. Alerts can be configured to notify Slack, SMS and/or email, to flag anything that needs to be reviewed manually. Please note, this is a paid service and billing plans will be required. 

Setting up Server-Side scanning is easy, after logging in you can click “Website Monitoring” and proceed to add your domain. To initiate the scanning, you will need server/FTP access to upload an encrypted Sucuri PHP file into your Magento webroot. Navigate to settings and look for “Server Side Scanner”, from here you can hit “Enable Manually” to download the PHP file required to begin scanning.

After following the Sucuri instructions and verifying your domain, you can let this run with the confidence that you will be notified of anything suspicious going forward.

Magento Patches and Third-Party Updates

Of course, alongside these two additional precautions, we cannot stress enough the importance of regular Magento patches/upgrades and third-party module updates. An outdated module or poorly written code may provide easier access for a malicious user.

At AYKO, our builds use as much native Magento functionality as possible; however, we understand that bespoke code and third-party modules can be required to achieve certain requirements. Reports suggest that a total of 66% breaches are linked back to a third-party service provider (Patterson) which is why it’s essential to be vigilant and restrictive of which third-party vendors you trust.

Magento has spent considerable time over the last few years tackling rogue third-party modules and chaperoning verified modules through their Marketplace. Modules on the Magento Marketplace undergo strict internal testing by Magento and are much more likely to be more secure. It’s worth regularly checking the release notes of the module for any security improvements and keeping third party modules as up to date as possible.

Prevent Unwanted Admin Logins

The Magento Admin can be prone to attack via an array of methods including brute force attacks, which is essentially a trial and error method to guess a user’s password. Although many Magento sites opt to rename their admin path, we strongly recommend that whitelisting is in place as a prevention tactic. In some cases, admin paths can become visible and indexed in search engines, despite a randomized path.

We also advise that you refrain from using common usernames such as “Admin”, “Developer” or a person’s first name, as this increases the total time required to guess your username and password during a brute force attack. Using a corporate password manager, such as LastPass will allow you to create complex, secure and unique passwords that can be stored safely. 

To add another level of protection to the Magento Admin panel, you can now implement 2 Factor Authentication (2FA). 2FA is easily available in the latest Magento 2.2.x and 2.3.x versions. If a Magento Admin username/password were to be cracked, 2FA would prevent login until it was verified using the correct admin’s mobile phone. For Magento 1, there are modules available (for example from Amasty) which also offer this.

Summary

A security breach could cause significant disruption to your business, and in addition to this, GDPR data protection laws heavily punish irresponsible eCommerce store owners. Taking the above steps to help prevent your website from a breach and protect your customer’s data, will reduce the risks and provide you with better peace of mind.

If you have concerns or queries regarding your Magento security, please feel free to reach out to one of our Magento certified specialists.

How to Manage Seasonal Returns

As the majority of the UK returned to work after the festivities, postal workers braced themselves for their busiest day of the year. On the 2nd January 2020, otherwise known as ‘Takeback Thursday’, returns were expected to be 72% higher than an average day in December with customers returning unwanted or ill-fitting gifts in the hope to choose something more appealing, or perhaps even in return for the cash.  

Customer returns can be a headache for retailers at any time of year, but especially following peak periods like Christmas when they soar upwards. Despite our disappointment as returns begin to chip away at potential profits, it’s important to remember that this can also be a stressful time for the customer and make or break when it comes to customer retention.

We’ve put together some handy tips to ensure you are getting customer returns right, to avoid any potential conflict with the customer or harm to your brand’s reputation.

Utilise Cross-Channel Returns

Managing both in-store and online payments in one system enables your online shoppers to return items in-store and allows your in-store shoppers to return items to your eCommerce warehouse, otherwise known as cross-channel returns. Linking the two makes the return process more straightforward for the customer, which can be an attractive selling point. 

To support cross-channel returns, you’ll need a single view of your shoppers’ purchase history to reconcile an online purchase in-store, and vice versa – payment gateways such as Adyen offer this functionality.

 

Protect Yourself From Return Fraud

Return fraud can take place in various ways, but overall it is when someone abuses the return process for monetary gain. While creating your return process, ensure you have safeguards in place to protect your brand from return fraud, without compromising the ease of returns for the customer. 

To avoid vulnerability, you’ll need to be able to reconcile the return claim with your shopper’s history on the spot – this is much easier if your payments are centralised as you can link all shoppers activity regardless of how they made the purchase. In addition to this, we also recommend not allowing in-store returns without a receipt, returning refunds to same payment method, transparent and accessible return policies, plus adequate employee training on the return process.

 

Convert The Return Into a Sale

It’s important not to forget that returns offer an opportunity to re-engage with a customer. Whether the customers visit your site to view your returns policy or come in-store to make their return, make their experience as smooth as possible to increase customer satisfaction and the chance of them converting at a later stage.  

Consolidated payment data enables you to process customer returns quickly and easily, which is great for the customer and also minimises the amount of manual work required for you as a brand. Now you have their shopper history you can even target them with relevant products and offers!

 

We understand that as a retailer, returns can be disappointing and stressful, especially during peak periods, but customer returns come with the nature of the business, particularly in eCommerce. With figures showing that the average person in the UK returns an item bought online once a month, it’s impossible to avoid the importance of getting customer returns right. In doing so, you’ll alleviate some of the pain for the customer and therefore increase customer satisfaction and retention.

Want some expert advice around managing returns, or how to choose and implement the right payment gateway? Chat to a member of our Professional Services team today.