Important data storage change

August 3, 2016 by

Important changes regarding credit card data storage.

Due to the ever changing PCI landscape and increasingly stringent PCI rules and regulations, moving forward StoreSecured will no longer store full credit card numbers. Storing this information causes increased potential risk and PCI burden for StoreSecured and all our merchants.

Effective 9/1/2016 ONLY the last 4 digits will be stored for new transactions.  All existing full credit card numbers stored in the system will be removed by September 16.

For merchant using No Processor, (manually processing credit cards)

Please note that this means that StoreSecured will no longer support offline manual credit card processing due to the requirement to access the full credit card numbers for doing so.  Instead we recommend the usage of one of our low cost gateways for real time processing such as Braintree or PayPal.  See general–>payments–>gateway.  All merchants using no processor have been contacted previously about this change.

For merchants using a real time payment gateway

Please note that the credit card information is NOT required for credits, voids or refunds.  The last 4 digits of the card number will be saved for reference purposes and also for a few gateways who require the last 4 digits for refunds and captures.  In addition most gateways provide a way to re-charge a customer who has already made a purchase through your store, thus making access to the credit card information not necessary.

Merchants, your PCI compliance scope should be reduced with the removal of access to this sensitive information which may mean less strict requirements and an easier yearly questionnaire.

For any questions, comments or concerns regarding these changes please contact us via the support system or at support@storesecured.com

Scheduled Maintenance 7/22 9:30pm PST

July 20, 2016 by

Scheduled maintenance period Friday 7/22 9:30pm – 10:30pm Pacific time.

 

During the maintenance window there will be expected downtime of approximately 15-30 mins for stores and the management portal.  A maintenance message will be shown on stores during the downtime.

 

For questions, comments or concerns please email support@storesecured.com

Scheduled Maintenance 4/27 9:00pm PST

April 21, 2016 by

Scheduled maintenance period Wednesday 4/27 9:00 pm – 11:00 pm Pacific time for email server hardware upgrades and migration.

 

During the maintenance window there will be expected email downtime of between 30-60 minutes.  During the email downtime users will be unable to login, retrieve or send email.  Incoming emails will be stored in our backup email server and delivered to your inbox shortly after the maintenance is complete.

 

After the email server maintenance is completed, there will be a  short, 5-10 minute scheduled maintenance for the sites and manage portal.  A maintenance message will be displayed to users when the sites and manage portal are not available.

 

The 4/27 email maintenance will be the final step of our hardware upgrade migration.  For questions, comments or concerns please email support@storesecured.com

 

 

CloudFlare, Caching, Bandwidth & Speed

April 19, 2016 by

Recently we have gotten a few queries from customers after the switch to using the CloudFlare services and I wanted to take a explain caching for those of you who are curious.

 

Part of the service that CloudFlare offers by default is a caching mechanism which saves your stores images, css and js files across the globe. This makes the sites load very quickly as the files can come from a server that is located very geographically close to the end user. See the map of CloudFlare’s data centers here https://www.cloudflare.com/network-map/ .

 

StoreSecured tells CloudFlare how long to save static content and then once a single customer has requested a file, that file is ready for the duration of the cache period for super quick loading from the CloudFlare servers and it also tells the user to cache locally (this was done previously as well). Please note that it is a best practice on the web to cache static content like images, css, and js files and to use a  CDN like CloudFlare to do so.  Cache is especially important for images that are part of your store template, ie those that are on each page of your website as once a user loads a file once on the first page load there is no need for them to need to load it again, this makes subsequent page loads much quicker.

 

What happens when you want to change an image or css/js file and want everyone to see it right away? Here is where caching can be more of a pain for you as the site owner/updater.  If the image is cached then users will still see the old image until the cache time period has expired. The way around this is to give the new image a new name. This will ensure that the new image is immediately downloaded and viewed by everyone.  Yes, this can be a pain but there is a big trade off here in site loading time for your users.

 

By default all StoreSecured sites are operating on a 4 hour cache with CloudFlare. This number can be increased, decreased or the cache can be removed (not recommended but it is an option if requested).  To change the default number of hours to cache for your site please contact us via support ticket with the new cache time.   A separate cache expiration can also be set for different folders in your site if desired.

 

Hint: The longer that files can be cached the more efficient/quick loading your site will be.  If your images do not change often and you are comfortable with renaming them when they do change then we recommend at least a 1 week cache expiration.

 

If you view your StoreSecured statistics often you may also have noted that the number of hits shown in your statistics file has gone down since you switched over to using CloudFlare.  This is normal and a good thing and again this is attributed to caching.  This has nothing to do with visitors to your site.  The hits is an indication of how many different files that users request when they come to your site.  A single page view can generate hundreds of hits, ie each image, css and js file that is needed to load a page is a hit.  Thus when a file gets cached it no longer has to be requested from the StoreSecured servers and your hit counts go down.  This also reduces the amount of bandwidth that your site uses.  Your visitor count in the stats should mostly remain the same but may go down slightly due to new protection features that block bad bots, spammers and attackers.  Since those people never reach the site their visit is no longer counted.

 

If you have any questions, comments or concerns please contact us at support@storesecured.com.

Maintenance Completed

April 16, 2016 by

The maintenance has been completed. All sites and services are running as normal. Any questions or comments please send an email to support@storesecured.com

Merchant Action Requested – DNS Change

April 13, 2016 by

=====================================================
**Merchant Action Requested for Custom Domain Names**
=====================================================
If your store uses a custom domain name, for instance http://www.mystore.com the following instructions apply to you.

If your store is only available at a subdomain, for instance, mystore.storesecured.com or mystore.easystorecreator.com the below information does NOT apply.
=====================================================

In order to take full advantage of the planned upgrades and for a more seamless transition we urge all customers who are currently using Rackspace nameservers to update your domain nameservers.

If your current domain nameservers are:
NS.RACKSPACE.COM
NS2.RACKSPACE.COM

Change the domain nameservers to:
JEFF.NS.CLOUDFLARE.COM
UMA.NS.CLOUDFLARE.COM

ONLY the two CloudFlare name servers should be present. All other nameservers must be removed.

Your website will not experience any downtime when you change your nameservers.

How do I change nameservers?
==================================
Nameservers can be changed at your domain name registrar, ie the company who you pay your yearly domain name fee to. Some examples of domain name registrars are network solutions and godaddy.

Why do I need to do this?
==================================
We are transitioning all merchants who use the Rackspace DNS to Cloudflare DNS for their advanced zone apex management and traffic protection. The Rackspace DNS is older and does not provide the necessary support and automated management. All sites WILL continue to function even if the change is NOT made but we will be unable to automatically route your shoppers to the least busy server.

What is CloudFlare?
==================================
CloudFlare offers regular DNS services along with traffic acceleration, DDOS protection and a worldwide CDN. As part of the DNS switch we will also activate CloudFlare’s advanced features on your site. You can read more about Cloudflare at
Cloudflare Service
and
http://www.cloudflare.com

Special notes and considerations
==================================
If you use your domain name for any services outside of StoreSecured, ie 3rd party email or websites please let us know so that we can ensure your setup is correct for the switch over.

Questions
==================================
If you have any questions, comments or concerns please contact support at support@storesecured.com, we would be happy to help.

Scheduled Maintenance 4/15 9:00pm PST

April 11, 2016 by

Scheduled maintenance period Friday 4/15 9:00 pm – 2:00 am Pacific time for server hardware upgrades and migration.

During the maintenance window there will be expected downtime of between 30-60 minutes during which a maintenance message will be shown in place of the sites. For the remainder of the maintenance period sites will be running but with expected slower then normal response times.

The manage portal and ftp servers will be set to maintenance mode during maintenance and store owners will be unable to login or make changes to sites.

Email will operate as normal during maintenance.

=========================================================
**Merchant Action Requested**
=========================================================
If your store uses a custom domain name, for instance http://www.mystore.com the following instructions apply to you.
If your store is only available at a name like http://mystore.storesecured.com or http://mystore.easystorecreator.com the below information does NOT apply.

In order to take full advantage of the planned upgrades and for a more seamless transition we urge all customers who are currently using Rackspace nameservers to update your domain nameservers.

If your current domain nameservers are:
NS.RACKSPACE.COM
NS2.RACKSPACE.COM

Change the domain nameservers to:
JEFF.NS.CLOUDFLARE.COM
UMA.NS.CLOUDFLARE.COM

ONLY the two CloudFlare name servers should be present. All other nameservers must be removed.

Your website will not experience any downtime when you change your nameservers.

How do I change nameservers?
==================================
Nameservers can be changed at your domain name registrar, ie the company who you pay your yearly domain name fee to. Some examples of domain name registrars are network solutions and godaddy.

Why do I need to do this?
==================================
We are transitioning all merchants who use the Rackspace DNS to Cloudflare DNS for their advanced zone apex management and traffic protection. The Rackspace DNS is older and does not provide the necessary support and automated management. If the change is NOT made your site WILL continue to function however we will be unable to automatically route traffic to the best available server.

What is CloudFlare?
==================================
CloudFlare offers regular DNS services along with traffic acceleration, DDOS protection and a worldwide CDN. As part of the DNS switch you will later be able to activate CloudFlare’s advanced features on your site. You can read more about Cloudflare at
Cloudflare Service
and
http://www.cloudflare.com

Special notes and considerations
==================================
If you use your domain name for any services outside of StoreSecured, ie 3rd party email or websites please let us know so that we can ensure your setup is correct for the switch over.

Questions
==================================
If you have any questions, comments or concerns please contact support at support@storesecured.com, we would be happy to help.

Promotions New Feature

March 24, 2016 by

StoreSecured now supports the ability to calculate the total for promotion validity based on only the items that are valid for a promotion vs the entire order total.

To change this functionality please visit
General–>Checkout Settings
Find the field labelled Apply Promotions
Choose the radio button labelled Apply promotions on total of selected items

The default promotion behavior for existing stores has not changed. Your handling will only change if you choose this new option.

Manage Portal Slowness 3/20/2016 Resolved

March 20, 2016 by

On Sunday March 20th between approximately 9:00am and 10:15am Pacific time StoreSecured experienced slowness on the management portal. All requests to login to the management portal received errors and anyone already logged in was experiencing extreme slowness in managing their stores. The issue was resolved as of 10:15am.

We are sorry for any inconvenience.

Cloudflare Service

February 2, 2016 by

On average, a website on CloudFlare loads twice as fast for its visitors, sees 65% fewer requests and saves 60% of bandwidth.

The basic Cloudflare service with StoreSecured is FREE and offers the following advantages:

  • Save bandwidth – Web traffic is routed through our intelligent global network. We automatically optimize the delivery of your web pages so your visitors get the fastest page load times and best performance. We also block threats and limit abusive bots and crawlers from wasting your bandwidth and server resources.
  • Minify HTML, CSS and Javascript – On-the-fly removal of unnecessary characters from HTML, CSS, and JavaScript.
    Saves 20% of a file’s size and works without caching so it can support even fully dynamic pages.
  • World Wide CDN – CloudFlare operates out of 76 data centers around the world. Static files like images, css files etc are stored closer to your visitors for faster load times.
  • Super fast DNS – CloudFlare runs one of the largest authoritative DNS networks in the world. We’ve built DNS to be fast, powerful and secure.
  • Extra layer of security – CloudFlare’s technology automatically detects new attacks that arise against any website on its network. Once CloudFlare identifies that there is a new attack, CloudFlare starts to block the attack for both the particular website and the entire community.
  • Added SSL – CloudFlare add’s SSL ability to your custom domain name that works with most browsers

Or upgrade your Cloudflare service to Pro for an extra $20 a month and add:

  • Enhanced image optimization – automatically applies both “lossless” and “lossy” image optimization to remove unnecessary bytes from GIF, PNG and JPEG images. On average, image sizes are reduced by 35%.
  • Even faster mobile loading – ensures that images delivered to your visitors are the appropriate size and resolution for their device. Mirage detects screen size and connection speed to deliver the best image for the current browser window, mobile or desktop.
  • Enhanced security – additional protection against real-time attacks like SQL injection, cross-site scripting and comment spam with CloudFlare’s cloud-based web application firewall, which stops the malicious attack before it can cause damage to your website.
  • Enhanced SSL – Enhanced SSL certificate added to your custom domain name that works with all browsers.

Cloudflare sits on top of the existing site and enhances it, it does not change any functionality.

 

To learn more about Cloudflare please visit https://www.cloudflare.com

 


Follow

Get every new post delivered to your Inbox.