The maintenance has been completed. All sites and services are running as normal.
The email server maintenance will be done at another time as there was not enough time to complete it tonight.
Any questions or comments please send an email to support@storesecured.com
Scheduled maintenance period Saturday 11/10/18 9:00pm – 10:30pm Pacific time.
We will be optimizing the server hardware for the database server this Saturday evening. This will cause downtime for all stores and the management portal of between 30-90 minutes. A maintenance message will be shown during the downtime.
When the database maintenance is complete further server hardware optimizations will be done on the email server. The email server maintenance period will result in downtime for the email server ONLY. Merchants will be unable to login and view or send email during this time frame. Any email received during the downtime will be delivered shortly after email service is restored.
For questions, comments or concerns please email support@storesecured.com
Some common questions we have received so far after the update:
1) I am using Outlook or another program to read email do I need to update the server address from mail.storesecured.com to webmail.storesecured.com?
No, the https://webmail.storesecured.com address change is ONLY for those who are using webmail. If you are using Outlook or your phones email etc this does NOT change.
2) Should I enable Secure Password Authentication?
No, Secure password authentication should not be checked, it is only for certain types of servers
3) Should the SMTP port be 25 or 587?
Either one, it does not matter for us, your Internet provider may block one or the other so if one does not work, then try the other
4) Does the outgoing server require authentication?
Yes, the outgoing server requires authentication using the same settings as the incoming server.
5) Can I connect without TLS?
Yes, you can technically connect without TLS but it is then not a secure connection just like using a http vs https webpage. We highly recommend always using a secure connection.
6) My email software only shows a checkbox for SSL and no TLS?
On some email programs we have seen that they do accurately use TLS when you check the SSL box as long as you are connected with the correct port. If your email program does not have TLS selection please try using the SSL selection instead.
If you are using IMAP for incoming, use port 143, if you are using POP3 for incoming use port 110.
7) My email still doesn’t work, can you help?
Yes, if you are running an older version of Windows, ie Windows 7 or 8 it may not support TLS 1.2 by default. To verify this is the case please send your ip address (look it up at www.whatismyip.com) to our support team and we can confirm from the logs.
8) I have Windows 7 and TLS 1.2 is NOT enabled, how do I enable it?
Here is a link to some instructions on how to update Windows 7 to support TLS 1.2
Scroll down in the article about halfway to where it says:
Steps required to switch to TLS 1.2 on Windows 7 and start there.http://www.teamnetworks.net/blog/4832/enabling-tls-1-2-on-windows-7-complete-instruction/
Follow the steps listed.
Try to connect via email again.
Alternatively here is a article directly from Microsoft describing the same process, I don’t feel it’s quite as easy to follow though you may prefer to go straight to the source.
https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in
9) I’m still having problems?
If you are still having problems please contact our support team for assistance.
Effective June 24th there will be several security changes to our email server to comply with PCI rules.
Email Server Maintenance
The email server will be unavailable periodically during the maintenance period from approximately 8:00pm-midnight pacific time on June 24th to make the above changes.
How can I prepare for these changes ahead of time?
When using webmail start going to https://webmail.storesecured.com INSTEAD of http://mail.storesecured.com
If using Outlook or other email program to read your mail make sure it is setup to use TLS connections with the proper ports:
To change this setting in Outlook
Additional Questions
If you have questions about your particular setup, email program etc, please contact StoreSecured support via our support system for additional assistance. Also you can read our FAQ about the change here.
Effective June 16th, 2018, StoreSecured will be turning off our support for TLS 1.0. We are doing so to comply with the latest PCI standards which require that support for TLS1.0 is disabled by June 30, 2018 at the latest.
Potential Issues
Please note that if you or your clients have very old browsers this may mean that you are no longer able to use the StoreSecured website’s in secure mode unless the browser is upgraded.
How to check your browser
Go to https://www.ssllabs.com/ssltest/viewMyClient.html and look in the very first box labelled Protocol Support. If it says “Your user agent has good protocol support” then you are good, otherwise you need to upgrade either your browser, your operating system or both.
Why are we doing this
We are required to turn off TLS 1.0 and lower support in order to comply with PCI regulations and to ensure high security. PCI regulations are required to be adhered to in order to accept credit cards. As an ecommerce site provider this is critically important for us and for you our merchants. We have waited as long as possible to turn this off to give clients time to upgrade and now we must proceed.
Questions
If you have any questions or concerns feel free to contact us via support request or via email at support@storesecured.com or you can read further at the link below:
Effective immediately new bot security measures have been added to the payment pages for StoreSecured merchants. After multiple credit card declines a captcha will be shown to the user for them to prove that they are a human and not a bot. As the declines continue the captcha will be shown each time and verification required to continue. If there are several more declines the user will be temporarily blocked from processing a new payment for a period of time.
The captcha was added due to bots who are trying out credit card numbers on a few of our merchants websites resulting in high numbers of declined charges. The captcha implementation is meant to keep the checkout process easy for real users but tough on bots.
If you are not familiar with what a captcha is you can read more about them at the link below:
https://www.intechnic.com/blog/what-is-captcha-and-how-is-it-used/
If you have any questions about this new feature please submit a support request and we would be happy to help.
Important note for customers who use Authorize.net as the payment gateway.
Between approximately 9:30am and 12:30pm today 8/15, Authorize.net had several periods of slowness and errors with their API calls which resulted in errors and time outs for customers who tried to process credit cards with Authorize.net. We urge merchants who use Authorize.net to check your transactions in the Authorize.net portal that occurred during this time for any duplicate orders or orders with payments that StoreSecured did not receive notice of. Please note that during this time many attempts to charge customer credit cards were met with a timeout message or an error from Authorize.net and thus StoreSecured may not know the final status of those charges.
Special alert to our merchants who use Google Chrome.
Google Chrome has put out an update today which breaks the editor tool that is used inside of StoreSecured. Please note that when using the latest google chrome browser with Storesecured’s editor all of your editor content appears empty and if edited will result in losing your content.
This is a brand new Chrome update and we are investigating to see if the editor tool has an update to stop this problem.
In the meantime we recommend either turning off the editor if you use Google Chrome, use a different browser, OR set your editor to use the old version. This setting is located under General–>Other Settings.
Note that this is a result of an automatic update that Google Chrome is doing today so if you use Google Chrome this applies to you.
As soon as we have further information we will make further updates.
This morning, 3/21, StoreSecured experienced an issue that affected the successful loading of some of the pages in the application used to manage stores. Note that this issue did not affect actual store loading or any other areas beyond the editing of stores. The error was the result of a problem with a windows security update for new PCI compliance rules and was resolved at approximately 10:30am Pacific time.
We are sorry for any inconvenience that this error caused. The underlying issue has now been found and corrected.
2:55pm PST
The email server has been restored from the most recent backup file and all email accounts are now operating as normal. There was downtime of approximately 1 hour and any emails sent during that time will still be received.
**IMPORTANT** Please note that the last backup which we restored from was done at 11:00PM PST last night and all email accounts have been reverted to their status as of 11:00PM. Because we are now working off the backup please note that anything done between the last backup and 2pm is NOT visible. Ie emails sent were delivered as that action had already occurred. Emails that you had already opened to read between 11pm and 2pm will be shown again as unread. Most importantly, any email received during that period is no longer available. We are very sorry for the inconvenience that we know that this has caused, unfortunately the backup was about a half a day old. As is always the case, we will be reviewing what happened along with the backup policies and procedures to see if they can be improved for the future. If you have any questions, comments or concerns, please direct them to support@storesecured.com
2:00pm PST
The email server is currently down. We have experienced a hardware failure for the server where the email is hosted. All email accounts are currently non-functioning. While we are researching what has happened we have begun a restore from the most recent backup to create a new server and as soon as the backup is restored we will be restoring email service. Further information will be posted once it is available. At this time we expect approximately 1-2 hours restore time.
All other services are operating as normal.
