Customer Paradigm Blog

  • New Magento Security Patches

    August 27, 2015

    Tara

    Learn about the recently released Magento security patches to install The e-commerce business is growing at a very fast rate and it is important to keep your sites protected. They include very sensitive customer data that, if stolen, can be devastating not only to the consumer but the business as well. Most customers buy from e-commerce sites trusting that it is safe and businesses need to avoid breaking that trust and losing customers forever. There is a constant flow of hackers trying to get to customer data. Many hackers are after customer credit card details and this can ultimately lead to identity theft, which can be a costly and a stressful thing to deal with. Security measures should be the most imperative aspect of e-commerce websites. Magento is addressing security vulnerabilities by releasing a series of security patches this year. Each one protects against a unique vulnerability and if you haven’t already installed them on your site, they are a must to keep ...
  • Magento Security Vulnerability with Open Git Directory

    August 23, 2015

    Customer Paradigm

    Is your Magento .git repository exposed and vulnerable? Git is an amazing platform that allows for version control on many sites, including Magento commerce sites. According to the official Git website, Git is a "free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency." Google, Facebook, Microsoft, LinkedIn, Netflix, Android and Twitter all use Git. At Customer Paradigm, our team uses it religiously to make sure that nobody overwrites anyone else’s changes. It also helps us understand if there are other people (i.e. clients, third party developers) making changes on a person’s site. We’ve even used GIT to track down Magento site hacks, because it lets us know what files have been added since the last GIT checkin. But if you don’t set up GIT on your server properly, it’s easy for someone on the outside to see the contents of ...
  • Magento 2.0: How to Create a Custom Maintenance Mode Page

    August 20, 2015

    Jeff Finkelstein

    In Magento 2.0, there is currently no documented way to set a custom message or page if you want to put your site into maintenance mode. (This is as of August 2015.) For most store owners, if you need to put the site into maintenance mode to upgrade a site, it’s not ideal to use a basic message that looks like there’s a big issue on your site (or that you’ve gone out of business). This is a pretty critical feature for most site owners. When Apple launches a new product, for example, they often put their site into maintenance mode, promising that new products are on the way. In Magento 1.x, there were many ways to set this, but it took some digging to find a way to set a custom message for a Magento 2.0 site when it’s in maintenance mode. Background: To put a Magento 2.0 site into ...
  • Magento 2.0 Community & Enterprise: Full Page Caching Explained

    July 28, 2015

    Customer Paradigm

    Full Page Cache in Magento 2.0 In Magento 2.0, full page cache is built-in for both the Magento 2.0 Community platform, as well as the Magento 2.0 Enterprise system. I can’t emphasize how amazing this feature is to have for an eCommerce store. Full page caching essentially turns your database-driven Magento 2.0 store into a site with the speed of an old-fashioned, static HTML site. What this means is that when an end user comes to your site, there’s no database calls and very few file system calls to return (or "serve") that page to the end user. Think back to a vintage 1994 website: You have an index.html page that contains all of the content, and perhaps an image or two. A page like this loads really quickly, but is next to impossible to keep updated with inventory levels, current pricing and other fresh content. A modern server can serve literally tens ...
  • Magento 2.0: Location of Database Configuration File

    July 23, 2015

    Jeff Finkelstein

    In Magento 1.0, the configuration file that contains database settings and other information is located here: /app/etc/local.xml In Magento 2.0, the configuration is in the same directory (/app/etc/) but has been renamed to env.php. The file path is: /app/etc/env.php In this file, a number of key things are set, including the database connection information: ‘host’ => ‘localhost’, ‘dbname’ => ‘magento2database’, ‘username’ => ‘some-sample-username’, ‘password’ => ‘Extremely-Complicated-Password-12345′, ‘model’ => ‘mysql4′, ‘engine’ => ‘innodb’, ‘initStatements’ => ‘SET NAMES utf8;’, ‘active’ => ’1′, The file also allows for a table prefix, if you happen to have that in your Magento database. This is mostly used if you can only have a single mySQL database, and you’re sharing it with WordPress, for example, so you have a prefix like, Magento2_ as the prefix. (Usually this isn’t an issue, but in the past on the Magento 1.0 framework, ...
  • Magento 2.0 Community Speed Test with Full Page Cache

    July 19, 2015

    Jeff Finkelstein

    I just ran a speed test on a new Magento 2.0 community installation. It’s still in Beta and still has a few bugs; it’s due for an October or November 2015 release. One of our developers just downloaded the latest version – Magento ver. 1.0.0-beta from Git Hub, and installed it on a temporary server. But the community site – out of the box – has a 1.14 second page load time for the home page. The home page is 907.4 KB, and requests 124 different files. Note that this does use all 13 types of caching turned on for Magento 2.0 Community, including the full page caching: Magento 2.0 – Speed Test on Home Page – View Full Screenshot – Click Here >> For the new Magento 2.0 home page, here’s the breakdown of content by file size: Scripts: 452.5 KB Images: 318.1 KB CSS: 48.8 KB HTML: 12.6 KB Other: 75.3 KB If ...
  • Magento Imagine 2015 Recap

    July 16, 2015

    Jeff Finkelstein

    888.772.0777 303.473.4400 As you may know, I went out to Las Vegas for the Magento Imagine show in April, to find out the new trends in eCommerce, and get an overview for what’s going on within the Magento company and in the industry in general. I’ve let me thoughts simmer and marinate for a bit now, and want to share with you my thoughts and experiences from the show As usual, I brought some of my camera gear with me, too, so that I could visually remember what I say. The Imagine conference started off with amazing music: Magento Imagine – 2015 Recap   First, the continuing trends: This year, mobile, responsive design is still very, very important and ...
  • DNS Caching & Why My Site Doesn’t Show Up After Moving Hosting Companies

    July 14, 2015

    Jeff Finkelstein

    Why does my site not show up after I moved it to a different hosting company? We had a client issue this week where after he moved his site from one hosting company to the next, he wasn’t able to view the site in his browser. To him, it looked like his website was down. (When it actually was not down.) What happened? DNS caching. When you go to a website (for example, www.CustomerParadigm.com), your computer looks up the IP address for the site. This is usually known as an A record in DNS terms. If it’s a site that you haven’t been to before, then your computer has to reach out to the DNS servers that contain this A record. Basically, the A record translates the www.CustomerParadigm.com into an IP address that your computer uses to connect to the site. In our case, CustomerParadigm.com’s name servers are at the Domain Control domain: customerparadigm.com. 3600 IN NS ns64.domaincontrol.com.customerparadigm.com. ...
  • Emergency Bypass: Magento’s Saved Credit Card Option

    June 4, 2015

    Jeff Finkelstein

    Magento-Saved-Credit-Card-Options-Magento-Admin-Options   Last Tuesday (and for a little while on Wednesday), Authorize.net’s payment gateway was down. Authorize.net is one of the top ways that eCommerce stores take payments, so it meant a lot of lost sales yesterday for companies all around the Internet. It’s very rare that they have an outage… but I wanted to send out a quick tip if it happens again and you want to save sales. (But there are risks). Magento’s Saved Credit Card Option So, let me first start off with the fact that this is not a PCI-compliant solution. It’s not ideal. I’d say that this is for emergencies only. And it might even be too risky for your company. But if a payment gateway goes down completely, and you’re not able to take orders, my recommendation is to do a temporary bypass and turn ...
  • Magento API Shipping Email Notification Bug (Solved)

    June 3, 2015

    Jeff Finkelstein

    Solving Magento API shipment notification and tracking problems If you want to use the Magento API to handle shipment notification for your customers and add tracking numbers into the email sent to an end user, there’s a well known issue / bug. The main issue is that when you create a shipment via the Magento API, the shipment notification email sends out before you’re able to add tracking information to the shipment. Dozens of hours and frustrated whiteboard sessions later, we’ve come up with a way to solve this issue – without creating a module or overriding core Magento code. Magento Bug Summary: With the Magento API, you can invoice, ship, and add tracking data to an order via the Magento API. However, when you create the shipment, the shipment notification sends before you can add tracking information to the shipment. Here’s a hack to solve this problem without creating a module or overriding ...
  • Magento Nerf Gun Battle

    June 1, 2015

    Jeff Finkelstein

    Magento Nerf Gun BattleJust in case you ever wanted to see some of the behind-the-scenes of what goes on at a Magento Web development / programming company, here’s a quick video. Background: I was out of the office for a couple of hours, and the team had a bit of a nerf gun battle. Fortunately, it was captured on video… Need help with Magento Programming? We can help! Call 303.473.4400 or visit here to have a real person contact you now.
  • Authorize.net Payment Gateway is DOWN (May 26, 2015 – 2:59 pm)

    May 26, 2015

    Jeff Finkelstein

    If you’re en eCommerce site, please know the Authorize.net payment gateway is DOWN right now, and not accepting payments. If you’re running an eCommerce site like Magento and use Authorize.net for payments, and the payment is failing / people are not able to check out, this is likely the cause. Authorize.net Payment Gateway is DOWN (May 26, 2015 – 2:59 pm)
  • Punny Error 404 Page for Peanut.com

    May 11, 2015

    Jeff Finkelstein

    Nuts! The Page You Are Looking for Doesn't ExistIf you know my sense of humor, I came up with this pun of a 404 page for one of our clients, Peanut.com… Check it out here:
  • Godaddy Crons Not Working / Not Firing

    May 11, 2015

    Jeff Finkelstein

    Over the weekend (May 9, 2015) , a couple of cron functions stopped working for a client that is hosted on Godaddy. For whatever reason, the site’s path to execute the cron was not working. And even the Godaddy hosting system that allows you to create a cron didn’t help. I fixed it by changing: /web/cgi-bin/php5 (This is what Godaddy puts into the cron by default) to this: /usr/local/bin/php And now it’s working…
  • Google Update: April 21, 2015

    March 31, 2015

    Jeff Finkelstein

    In case you didn’t know, Google is rolling out an important update to their algorithm on April 21, 2015. And if your site is not mobile-friendly, you may see decreased search rankings. April 21, 2015 – Google’s Mobile Ranking Change Google doesn’t often come out an tell everyone about new updates, but in this case, Google’s Gary Illyes spoke recently at the SMX West Conference about the update. When asked about the ranking change, Illyes said, “I will say April 21st is a very important day.” Why the Change? Why the change? Google, like all other sites, is seeing explosive growth in mobile traffic. This year, advertising on mobile devices is expected to outpace desktop / laptop online advertising. (And Google makes the vast majority of their income through advertising.) People use their smart phones or mobile devices for more and more. And people tend to hate to use websites that were designed only ...
  • Why Remove .php and .html From the End of URLs

    March 30, 2015

    Erin Tran

    You might have noticed that the end of your website’s URLs have .php or .html at the end of it whereas others do not. Should you remove yours? URL rewriting doesn’t actually remove the index.php but instead hides it. While your website won’t suffer leaving them on, there are a few benefits to hiding them. Switching from www.example.com/books.php to www.example.com/books/ maintains a cleaner URL that is better for user experience. A cleaner URL with less characters means you can then optimize the URL with better keywords, especially if they are long. Hiding .php and .html In order to hide this syntax, it’s important to remember that index.php is the file responsible for processing any and all requests to the system. We recommend having a developer do this to avoid breaking the website in case of a mistake. Essentially, the developer needs access to your website’s FTP to edit the .htaccess file where they will input ...
  • SEO for Infinite Scroll Websites

    March 23, 2015

    Erin Tran

    Computer Mouse - Colorado SEO - Customer Paradigm Many companies that want to stay ahead of the curve online get an infinite scroll website, which can be visually appealing and great for mobile surfing but is not good for SEO. The way an infinite scroll site works is that before someone scrolls, the content below already starts loading so people get to view more content without having to wait. A few popular websites that have infinite scroll are: Twitter, Pinterest, and Mashable. These sites are great for browsing forever on end without changing pages. Even though there seems to be endless content, the structure of infinite scrolls is not SEO-friendly. Search Engines Can’t Crawl Infinite Scroll The biggest SEO challenge for infinite scroll sites is indexing. Built with JavaScript, search engines like Google does not allow JavaScript download to show any content below the fold because the content does not actually activate until someone manually scrolls or clicks “Next.” So, everything ...
  • Google Favors Secure Sites for Search Rankings

    March 16, 2015

    Erin Tran

    HTTPS Padlock - Colorado SEO - Customer ParadigmGoogle put out a notice in August 2014 that their algorithms would incorporate the existence of a website security certificate to affect website rankings in their search results. It is easy to tell if a website is secure through the HTTPS (hypertext transfer protocol secure) present in the URL instead of HTTP and a padlock image—if you haven’t set up secure encryption on your website yet, now is a good time to get that done. Based on recent hacks on big corporations and small businesses, it makes sense why this is becoming a priority for websites and not just another trend. Hackers as a whole are getting a lot more sophisticated in their methods to obtain information from people while remaining anonymous and this is shown in the large scale hacks in the last couple of years. Hackers Take Vital Information from American Corporations Surprisingly, it doesn’t matter what kind of business you ...
  • Expert Tip for Magento – Searching The Entire Magento Database

    March 5, 2015

    Jeff Finkelstein

    Magento Logo - Customer Paradigm  If you’re trying to find a specific piece of content in the Magento database, there’s usually not an easy way to search through all of the tables quickly and easily. (At least without a lot of higher-end access to the system.) You could run a shell script that discovers and steps through each table in the system. But this takes time, and requires a level of mySQL that not everyone has. Plus, you’re running a pretty intensive script on a live site’s database. One wrong character, and the site could grind down to a halt, or become corrupted. There’s an easier way. Create a mySQL dump file.  You’ll need to have access to the Magento Database.  Usually you can do this via phpMyAdmin or from your Website’s control panel.  Or, perhaps just via SSH from the command line. But once you have access to the database, you’ll want to find the options that ...
  • Oops. I just made a big email marketing mistake

    March 3, 2015

    Jeff Finkelstein

    Email-Marketing-Mistake-ExampleOoops. I just made a big mistake and broadcast it out to (many) thousand people via email. In this case, I was moving too quickly, and mis-typed my email address that was in the FROM line of the email. I made a mistake in the domain name – the part after the @ symbol. In this case I used ‘@CutomerParadigm.com’ instead of ‘@CustomerParadigm.com.’ If I had made a typo in the part on the left side of the @ symbol – jefff vs. jeff, then I could have quickly set up a forwarding account so that anything that went to the jefff@ would forward to my real account. But that doesn’t work if you mess up the domain name. So… what to do? I did two things. 1. Registered the domain name and made the bad email address a working, valid one. This way, if someone tried to reply to the older / incorrect email address ...
Read more


Customer Paradigm
5353 Manhattan Circle, Suite 103, Boulder, CO 80303
Call us toll free: 888.772.0777 or 303.473.4400

Customer Paradigm Star Review of Customer ParadigmStar Review of Customer ParadigmStar Review of Customer ParadigmStar Review of Customer ParadigmStar Review of Customer Paradigm 4.87 out of 5 based on 55 ratings. 34 user reviews