{"id":7758,"date":"2021-11-12T12:00:14","date_gmt":"2021-11-12T20:00:14","guid":{"rendered":"https:\/\/codedcommerce.com\/?p=7758"},"modified":"2023-10-13T21:14:23","modified_gmt":"2023-10-14T04:14:23","slug":"ecommerce-emergency-preparedness","status":"publish","type":"post","link":"https:\/\/codedcommerce.com\/ecommerce-emergency-preparedness\/","title":{"rendered":"eCommerce emergency preparedness"},"content":{"rendered":"\n<p class=\"has-drop-cap wp-block-paragraph\">I was chatting with a lawyer friend of mine recently and he suggested the topic of emergency preparedness and management as we approach one of the year&#8217;s busiest shopping seasons, BFCM. No doubt, lawyers typically deal with things after they have become serious. I concur this is a great topic and is timely especially for at-risk online stores. Here goes&#8230;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Let&#8217;s begin with some of the things that can go wrong:<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Plugin, theme, or core software update breaks something, potentially checkout<\/li><li>A link to a dev or staging site finds its way into the wild and orders trickle into the wrong database<\/li><li>Traffic spike \/ concurrency hits some unexpected capacity limitation (memory, PHP worker shortage, disk space, timeouts, etc.)<\/li><li>A service that you rely upon hits a usage limitation, such as a behind-the-scenes technical integration<\/li><li>Web hosting service has an outage, usually quite temporary<\/li><li>Payment provider has a service disruption, usually quite temporary<\/li><li>A synchronous or render-blocking asset on the page is loading slowly, timing-out or crashing<\/li><li>Marketing campaign contains wrong information or broken links<\/li><li>Website gets compromised, indicated by content, malware or ads showing up<\/li><li>Website gets compromised, denial of service or credit card guessing attack<\/li><li>Disgruntled staff or vendor sabotages something or their account is 
hijacked<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">An ounce of <strong>prevention<\/strong>:<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Use quality managed hosting that takes responsibility for performance and security matters<\/li><li>Automate backups and know when and how to restore from them, including granular restoration techniques<\/li><li>Update your core, theme, and plugin software ahead of big events to ensure you have patched and supported versions in operation<\/li><li>Know bottlenecks in your operation and work to automate them or have alternatives available<\/li><li>Test your site&#8217;s PageSpeed \/ Lighthouse, response time (TTFB), render and load time KPIs to understand the weak points<\/li><li>Test your site for Web Accessibility with the WAVE browser plugin and report errors to the appropriate parties<\/li><li>Ensure all dev and staging environments (copies of the site) are offline, have a password wall, or redirect non-admin traffic to production<\/li><li>Check with your hosting service about anticipated traffic levels and ensure your provider and plan are adequate<\/li><li>Review everybody with an administrator or shop manager account and their password strength; use a password strength requirement plugin (managed hosts usually have this built-in)<\/li><li>Review fraud protection settings within your payment gateway services, such as velocity rules<\/li><li>Have two or more payment providers active plus a backup or two ready to engage as needed<\/li><li>Have brute-force login protection, such as the Jetpack or Limit Login Attempts plugin or a firewall service, and lock down login sources (IP addresses, XML-RPC logins, REST API, webhooks, etc.)<\/li><li>Utilize a good firewall (WAF) such as Cloudflare Pro offering a rule engine with threat intelligence<\/li><li>Increase manual testing of all critical workflows in production to ensure quality control escapes don&#8217;t happen at the wrong time<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">A 
pound of <strong>cure<\/strong>:<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Having a virtual &#8220;situation room&#8221; to communicate with critical parties during an event to ensure immediate and appropriate measures are engaged and panic doesn&#8217;t lead to poor decision making<\/li><li>Viewing and understanding PHP error logs (server level and the Woo Status area)<\/li><li>Viewing and understanding browser console (JavaScript) errors<\/li><li>Deactivating a problem plugin or disabling a problem feature within a plugin<\/li><li>Swapping out payment gateways<\/li><li>For shared environments, contacting your host right away about an outage or slowdown<\/li><li>For private servers (VPS), restarting your database service (MySQL), PHP-FPM service, or the operating system<\/li><li>Activating reCAPTCHA service to enforce a layer of bot protection<\/li><li>Enabling an auxiliary shipping or fulfillment service to handle overflows<\/li><li>Granular restore from backup of specific orders, users, post types or settings<\/li><li>Restoring the whole site from backup, which will lose all orders since the backup was taken<\/li><li>Using the Store Notice setting to alert visitors about something important<\/li><li>Mass emailing customers affected by a problem so they hopefully don&#8217;t worry too much or bombard customer support<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Hopefully all this is good food for thought as you prepare for upcoming events. Shameless plug: it never hurts to bring in a technical consultant like myself to review things.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I was chatting with a lawyer friend of mine recently and he suggested the topic of emergency preparedness and management as we approach one of the year&#8217;s busiest shopping seasons, BFCM. No doubt, lawyers typically deal with things after they have become serious. 
I concur this is a great topic and is timely especially for [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":7778,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[52047,635718624,635718625],"tags":[],"class_list":["post-7758","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-shopify-guides","category-woocommerce-guides"],"jetpack_featured_media_url":"https:\/\/codedcommerce.com\/wp-content\/uploads\/2021\/11\/ecommerce-emergency-preparedness-scaled.jpg","_links":{"self":[{"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/posts\/7758","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/comments?post=7758"}],"version-history":[{"count":0,"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/posts\/7758\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/media\/7778"}],"wp:attachment":[{"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/media?parent=7758"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/categories?post=7758"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/codedcommerce.com\/wp-json\/wp\/v2\/tags?post=7758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}