Archive for the ‘Important Changes’ Category

StoreSecured Knowledge-Base & Support Portal

December 7, 2020

Dear valued customers,

We are pleased to announce that we have redesigned our knowledge-base and support portal for the convenience of our customers. You can access this portal in the following two ways:

  1. Direct Access: You can directly access knowledge-base and support portal by typing the following URL in browser: https://support.storesecured.com
  2. From “Get Help” link in Manage Portal: You can access knowledge-base and support portal from the “Get Help” link given in manage site “https://manage.storesecured.com”.

Features:
* In our new knowledge-base and support portal, you can open a new ticket (Support Request). We have given a button “Open a Ticket” in portal. This button will take you to our regular Support Request page. https://manage.storesecured.com/dnstore/MyAccount.aspx?tab=SupportRequest

* You can also contact us through “Contact Us” form in portal in case of any emergency. ** Don’t forget to mention your Site# in description. https://support.storesecured.com/contactus.asp

* In addition to voicemail option to our support number, You can now send us SMS to the same support number “+1-866-324-2764“. Our team will respond you back according to your turn in queue.

* We have added a new button “Announcements” in our knowledge-base and support portal which is directly linked up with our blog i.e. https://blog.storesecured.com

We would love to hear back from our valued customers so that we can serve in better way. Please do not hesitate to reach out to us at support@storesecured.com OR call us at +1-866-324-2764

New SSL Certificate Installation on Our Servers

November 23, 2020

Dear Merchants, this is to update you all that we have updated our servers (FTP server, Mail servers, Sites servers etc) with the latest SSL certificate installation over the past weekend during the maintenance period.

Please feel free to contact us at support@storesecured.com or call us at (866) 324-2764 in case of any queries.

Stripe Payment Processor Integration for Store Billings

November 4, 2020

Please note that effective November 1, StoreSecured has updated our internal store billing to use the Stripe payment gateway.  Updates are still done via My Account–>Billing–>Update Payment method etc, but the update screens and receipts will look different.

Please feel free to contact us at support@storesecured.com in case of any questions.

Email Security Changes and Maintenance Period 6/24

June 20, 2018

Effective June 24th there will be several security changes to our email server to comply with PCI rules.

  • Webmail will be moved from mail.storesecured.com to webmail.storesecured.com. (ONLY for Webmail).
  • Webmail must be connected to securely, ie https vs http
  • All connections to read/deliever mail should be done securely, using TLS (NOT SSL) connections
  • TLS 1.0 will be disabled, SSL will be disabled. All connections must use TLS1.2 or higher
  • The mailserver will not accept plaintext credentials. All credentials must be encrypted.
  • SSL access to the email server via ports 993, 995, and 465 via SSL will be disabled in favor of more secure TLS connections on ports 25, 110 and 143

Email Server Maintenance
The email server will be unavailable periodically during the maintenance period from approximately 8:00pm-midnight pacific time on June 24th to make the above changes.

How can I prepare for these changes ahead of time?
When using webmail start going to https://webmail.storesecured.com INSTEAD of http://mail.storesecured.com

If using Outlook or other email program to read your mail make sure it is setup to use TLS connections with the proper ports:
To change this setting in Outlook

  1. With your Outlook client open, select Tools from the main menu. Then select Account Settings… from the drop down menu.
    This will open up the Account Settings window.
  2. If you have more than one email account configured, make sure that your StoreSecured Internet account is selected.
  3. With your StoreSecured email account highlighted, select Change.
  4. This will open another window called “Change E-Mail Account“.
  5. Click More Settings….
  6. This will open another window called Internet E-mail Settings.
  7. Click the Advanced tab.
  8. Look in the section called Server Port Numbers.
  9. In the drop down menu under Incoming server select TLS from the list of options.
  10. If you are using IMAP the port number should be set to 143.
  11. If you are using POP the port number should be set to 110.
  12. Then, in the drop down menu under Outgoing server (SMTP), select TLS from the options.
  13. Your outgoing server port number should be set to 25, in the Outgoing server (SMTP) field or port 587 can be used as an alternate SMTP port if you cannot connect via port 25.

Additional Questions
If you have questions about your particular setup, email program etc, please contact StoreSecured support via our support system for additional assistance.  Also you can read our FAQ about the change here.

 

New Feature – Secure Custom Domain Names

November 15, 2016

StoreSecured now supports the ability to make your custom domain name the secure name for your store as well.  Ie currently if you have a name like http://www.mysite.com your secure url during checkout might be something like https://mysite.storesecured.com

The new functionality will allow you to keep your custom domain name active for the entire checkout process, ie no switching the name during checkout.  It will also enable the store to be in secure mode 100% of the time.

 

Prerequisite

Your site must be using the Cloudflare service in order to activate your custom domain name as the secure name.  If Cloudflare is not yet activated you will be unable to proceed.

 

To enable this feature please visit

General–>Domain Name–>View/Edit

Click on the Edit link for the default custom domain name

Check the box labelled, Set as secure

Select the Save button

 

The store will now use the secure default domain name for all pages of your site and will no longer switch back and forth.

Old method

http://www.mysite.com for shopping etc

https://mysite.storesecured.com once login and checkout are started

Once changed

https://www.mysite.com used everywhere

All old urls will continue to be active, ie visitors coming in to mysite.storesecured.com would be redirected to the stores default domain name.

 

Important Considerations

The store will automatically use secure mode 100% of the time if your secure name and default name are the same.  This is a good thing for Google and other search engines as it can boost your rankings since they now give preference to secure sites.  It is important to note however, that if you are using external scripts, image paths or full path to other references that are unsecure, ie http vs https, these external unsecure references can potentially give an error message to your customers on the secure page.  Ie something like, warning there are unsecure items on this page.  The actual security is not compromised but the error message can scare away some customers.  Therefore if you want to take advantage of this functionality we highly recommend first ensuring that you do not have any unsecure paths referenced.

We normally see these unsecure paths coming from external scripts, ie things added to the template like, 3rd party seals, 3rd party javascript, counters or statistics scripts, or images that are hosted outside of our system.  If you are receiving these unsecure errors and need help determining how to correct or find the issues please contact our support team by submitting a support ticket, we would be happy to help.

Important data storage change

August 3, 2016

Important changes regarding credit card data storage.

Due to the ever changing PCI landscape and increasingly stringent PCI rules and regulations, moving forward StoreSecured will no longer store full credit card numbers. Storing this information causes increased potential risk and PCI burden for StoreSecured and all our merchants.

Effective 9/1/2016 ONLY the last 4 digits will be stored for new transactions.  All existing full credit card numbers stored in the system will be removed by September 16.

For merchant using No Processor, (manually processing credit cards)

Please note that this means that StoreSecured will no longer support offline manual credit card processing due to the requirement to access the full credit card numbers for doing so.  Instead we recommend the usage of one of our low cost gateways for real time processing such as Braintree or PayPal.  See general–>payments–>gateway.  All merchants using no processor have been contacted previously about this change.

For merchants using a real time payment gateway

Please note that the credit card information is NOT required for credits, voids or refunds.  The last 4 digits of the card number will be saved for reference purposes and also for a few gateways who require the last 4 digits for refunds and captures.  In addition most gateways provide a way to re-charge a customer who has already made a purchase through your store, thus making access to the credit card information not necessary.

Merchants, your PCI compliance scope should be reduced with the removal of access to this sensitive information which may mean less strict requirements and an easier yearly questionnaire.

For any questions, comments or concerns regarding these changes please contact us via the support system or at support@storesecured.com

Merchant Action Requested – DNS Change

April 13, 2016

=====================================================
**Merchant Action Requested for Custom Domain Names**
=====================================================
If your store uses a custom domain name, for instance http://www.mystore.com the following instructions apply to you.

If your store is only available at a subdomain, for instance, mystore.storesecured.com or mystore.easystorecreator.com the below information does NOT apply.
=====================================================

In order to take full advantage of the planned upgrades and for a more seamless transition we urge all customers who are currently using Rackspace nameservers to update your domain nameservers.

If your current domain nameservers are:
NS.RACKSPACE.COM
NS2.RACKSPACE.COM

Change the domain nameservers to:
JEFF.NS.CLOUDFLARE.COM
UMA.NS.CLOUDFLARE.COM

ONLY the two CloudFlare name servers should be present. All other nameservers must be removed.

Your website will not experience any downtime when you change your nameservers.

How do I change nameservers?
==================================
Nameservers can be changed at your domain name registrar, ie the company who you pay your yearly domain name fee to. Some examples of domain name registrars are network solutions and godaddy.

Why do I need to do this?
==================================
We are transitioning all merchants who use the Rackspace DNS to Cloudflare DNS for their advanced zone apex management and traffic protection. The Rackspace DNS is older and does not provide the necessary support and automated management. All sites WILL continue to function even if the change is NOT made but we will be unable to automatically route your shoppers to the least busy server.

What is CloudFlare?
==================================
CloudFlare offers regular DNS services along with traffic acceleration, DDOS protection and a worldwide CDN. As part of the DNS switch we will also activate CloudFlare’s advanced features on your site. You can read more about Cloudflare at
https://blog.storesecured.com/2016/02/02/cloudflare/
and
http://www.cloudflare.com

Special notes and considerations
==================================
If you use your domain name for any services outside of StoreSecured, ie 3rd party email or websites please let us know so that we can ensure your setup is correct for the switch over.

Questions
==================================
If you have any questions, comments or concerns please contact support at support@storesecured.com, we would be happy to help.

Bandwidth limits doubled for all merchants

November 4, 2013

Ho Ho, Merry Christmas, Santa has come early this year.  Just in time for the busy holiday shopping season we have negotiated a new deal with our hosting provider to offer additional bandwidth for all of our merchants.  The new plan limits will take effect for the November billing cycle which is billed at the beginning of December.

 

Old Bandwidth 16 GB

New Bandwidth 32 GB

 

Legacy merchants, please visit the plan limits for legacy merchants help page for information on new bandwidth limits for your plan.

 

To change an existing bandwidth subscription based on the new limits please contact support via the help desk system.  Note: the extra 16 GB is equivalent to approximately 3 bandwidth subscriptions.

Login Changes Completed

August 3, 2013

The login change mentioned previously has now been implemented. All customers can now login using either their email or their old user name.

No changes or settings are required for individual stores.

What exactly has changed?

  1. Customers will no longer be asked to create a username when creating a new account, the email address will be used instead.
  2. The user name field on the login screen for returning users has been changed to be labelled Email.
  3. There are no longer separate email addresses for billing and shipping, the login email is used for both.
  4. If an existing customer tries to re-register the system will prompt them to login (if login is enabled for the store), or they can continue with registration.

Comments, questions, issues, please submit a support request.

Important: Log in change coming

July 26, 2013

Effective Saturday August 3rd evening all stores will be switched to a log in method based on email address INSTEAD of user name.  To prevent confusion or problems, all existing customers will be able to log in using EITHER a user name OR email address.   New customers will no longer be asked to choose a user name upon registration and the system will automatically use the email address for this purpose.  The fields currently labelled User name will be modified to say Email Address.  This change will enable easier registration for users as well as easier return log in with no need to remember a user name.   The email address log in is now standard among most online stores.

 

The store will no longer ask for separate email addresses for billing and shipping.  The email address given will be used in place of both and all customer email notifications will be sent to that address.   No changes are required from individual store owners, our team will update all stores automatically with the new functionality.

 

This notice is being given 1 week ahead of the update to allow you to notify your customers if you feel it is necessary before the change takes place.  Existing users can still log in with their user name if they so choose.  For example if the user name is entered instead of the email address in the email field it will be accepted and the user will be logged in.

 

We want to make sure this transition is smooth for all of our clients and their customers and welcome any questions, comments or concerns via support request.