How to Secure Your eCommerce Business Website

By Yan Kulakov, October 21st, 2016 in Guest posts, Tips and tricks

About the author:

Alex, a Security Operation Analyst at a global cybersecurity company, is interested in different topics on eCommerce marketing, along with other cybersecurity concerns like endpoint protection for enterprises. Her blogs oftentimes focus on technology, business, marketing, and cloud-integration aspects. eCommerce websites are prone to malicious threats, that’s why she’s sharing some tips on how to secure your eCommerce website.

One of the biggest problems being faced by businesses engaged in ecommerce is keeping the security of their ecommerce sites. Addressing this issue will help the ecommerce industry grow even more. So what should a business do to secure its site from risks? The following can help them out.

Choose a Secure Platform for Your Ecommerce Site

The first step in securing your ecommerce site is establishing it on a secure platform. The platform that you’re picking should have hefty features and shouldn’t not take security lightly.

A good example of a secure platform is CS-Cart. Taking it from CS-Cart itself:

CS‑Cart has been created and developed by a team of professionals since 2005. Not a community of artists, this is a team of highly qualified full-time professionals. That’s why our ecommerce tools are much more secure than Magento or PrestaShop. If we find a bug, we fix it at our quickest pace.

Ensure That Your Payment Processing is on a Secured Connection

Ensure that cyber crooks will find it very difficult, if not impossible, to tap into your payment processing systems. Use a secured connection by implementing Secure Sockets Layers (SSL) or the improved Extended Validation Secure Sockets Layer.

For the highest standards in connection security, make sure that you are compliant with the Payment Card Industry Data Security Standard (PCI DSS). For example, CS-Cart supports SSL and adheres to PCI Standards.

Avoid Storing Sensitive Data

The less data you store, the less risk is posed. PCI actually forbids the storage of sensitive data, such as debit or credit card numbers and the card verification value (CVV).

Verify Credit Card Transactions

Avoid fraudulent credit card transactions by employing address verification systems, as well as by requiring the card verification value.

Educate Your Employees

A good strategy in keeping the security of your ecommerce site is keeping your employees educated of security protocols. This reduces the chance for them in falling to tricks by cyber crooks.

Monitor Your Ecommerce Site Regularly

Make an effort in ensuring that your site is monitored by a real-time analytics tool. Also discuss monitoring protocols with your web host which, should include malware and virus scans.

Utilize DDoS Protection and Mitigation Service

Distributed Denial of Service (DDoS) is an attack from multiple sources which overwhelms the site, and ultimately makes the service unavailable. Protection against such an attack is vital.

Deal with Fraudulent Transactions Head On

Having fraud management and chargeback management services is a practical contingency plan in dealing with fraudulent transactions. It is best to be ready when this kind of transactions slip as you will never be able to fully prevent them from coming.

Follow us on Facebook and Twitter to stay informed about CS-Cart. Subscribe to CS-Cart newsletters via the form below to receive the most important news direct to your mailbox.

Follow CS-Cart news & promotions

Patch Your Store with CS-Cart 4.3.10

By Yan Kulakov, October 18th, 2016 in CS-Cart releases, News and announcements


Meet a new patch in the 4.3.x branch—CS-Cart and Multi-Vendor 4.3.10!

As it’s a patch, that means it only fixes issues in the previous version. So no new features here—the upgrade is safe for your store’s current functionality.

We’ve fixed four serious issues found by you guys, our dear customers. Thank you for your reports!

The upgrade fixes eBay Synchronization, PayPal Express Checkout, admin privileges, and the Store Locator add-on.

How to upgrade: If you have an active upgrade subscription or purchased the license less than a year ago, check the Administration → Upgrade center page in your admin panel. You’ll see the available upgrade there within a week.

How to install CS-Cart 4.3.10 from scratch: Get the installation package, install, and test CS-Cart for 30 days for free. To continue using CS-Cart after the trial period, buy the license.

Multi-Vendor: eBay Synchronization isn’t Shut Down, When a Vendor Logs in to the Admin Panel

In Multi-Vendor, there is the main administrator as well as many vendors. Each vendor has his or her personal admin panel. The main admin controls the whole marketplace, sets it up, and manages all the settings including add-ons. Some admins use a paid add-on, eBay Synchronization, which allows exporting products to eBay. This add-on requires a separate license.

Every time the main administrator logs in to the admin panel, the eBay Synchronization add-on connects to our licensing system to confirm the license. By a mistake, the add-on was connecting to our licensing system when a vendor logged in to his personal admin panel, too.

Vendors don’t have any license for eBay Synchronization, because it’s the main admin who manages all the licenses. Since the license wasn’t confirmed, the add-on stopped working for the whole store.

We’ve now fixed this issue: eBay Synchronization connects to confirm the license only when the main admin logs in to the admin panel.

Multi-Vendor: Customers Can Pay with PayPal Express Checkout When They Have Products of Different Vendors in the Cart

PayPal Express Checkout has a convenient feature—In-Context Checkout. It allows customers to pay via PayPal without leaving your store for the PayPal website.

One client discovered a bug: a shopper couldn’t pay for the order via PayPal Express Checkout with In-Context Checkout enabled if the order included products of several vendors. After a shopper hit the pay button, the page was redirected back to checkout. The notice said the shopper cancelled the transaction when he didn’t.

In Multi-Vendor 4.3.10, PayPal Express Checkout works correctly with the enabled In-Context Checkout.

Idle Administrators Cannot Use API to Manage the Store

A CS-Cart store can have multiple administrators. Each admin has his or her privileges and manages the store according to those privileges. You can add, delete, disable admins, and set privileges for them. For example, you can add a new admin but deny him the ability to change the store’s look or manage the catalog. If you totally disable the admin, he won’t be able to manage the store at all.

Besides managing the store directly in the admin panel, administrators can also manage it via API. By using an API client, an admin connects to the store and edits products, orders, shipments, and other data. All without entering the admin panel.

Before, admins with the Disabled status could still operate the store via API. In CS-Cart 4.3.10, we’ve fixed this bug. Now, if you disable an admin, he cannot manage the store—neither via the admin panel nor via the API client.

Store Locator is Updated to Work with Google Maps after October 12

Many store owners have both brick-and-mortar and online stores. To inform online customers that there is also the brick-and-mortar store, store owners add a map showing its location to the online store.

Say you manage a coffee-shop chain and sell coffee. You sell your high-grade coffee in your online store and you offer customers the chance to taste your coffee first at one of your coffee shops. Use the Store Locator add-on to show locations of your coffee shops around the city.

Store Locator fetches maps from Google maps. Google has updated their maps API: everyone must use the API key now to connect to maps. This mandatory condition takes effect October 12. After that date, your Store Locator add-on stops working with Google Maps. No matter whether you used the API key before or not.

To enable maps after October 12, you should do two things:

  • Upgrade to CS-Cart 4.3.10. This new version has the updated Store Locator add-on that works with the fresh Google API.
  • Add the API key to Store Locator. Obtain the key and insert it to the API key field on the Add-ons → Manage add-ons → Store locator page.

As well as these major fixes, CS-Cart 4.3.10 features more. Check out all the changes in the changelog.

Please report any bugs to the bug tracker. We do see all the reports and we take care of each and every one.

To keep up with the latest news, follow us on Facebook and Twitter. Subscribe to CS-Cart newsletters via the form below to receive notifications about each new version direct to your mailbox.

Follow CS-Cart news & promotions

2 Tips on How to Showcase Your Products Right

By Yan Kulakov, September 14th, 2016 in Articles, Tips and tricks


Adam is a business owner. He sells fedoras in his small shop in the city center. To make shopping easier and to drive more customers, Adam opens an online store, as well. Soon, though, he encounters a problem: his brick-and-mortar store is selling well but his online store isn’t bringing in new customers or income.

Adam’s actually got a fairly simple problem: he hasn’t presented his fedoras well! He quickly took product photos on his smartphone and copied poor descriptions from the manufacturer website. To drive more visitors to the online store and convert them into paying customers, Adam has to put effort into presenting his products in the right way.

While in brick-and-mortar stores people can see the actual products with their eyes and hold them with their hands, in online stores they see products as images. And, of course, in brick-and-mortar stores people can talk to the seller and find out about the features and benefits of the product—in online stores, they have to trust product descriptions.

In this post we’re going to talk about two key things you be doing when showcasing your products in your online storefront: product images and product descriptions.

1. Make Your Products Look Cool in the Images

In brick-and-mortar stores, customers can hold and try products before buying. When customers can see a product in real life and hold it in their hands, it weighs the scales in the seller’s favor.

In online stores, people obviously cannot try your products in the same way—which is why you need to take your online shoppers as close as possible to that feeling of seeing and holding your product, just like in a physical store. Professional product photos taken from different angles will help you.

The easiest way to get professional photos is to hire a pro photographer with a studio. Hiring a photographer may be expensive but you get results in the fastest and the easiest way. However, if you’ve got budgetary considerations, then it’s still possible to take cool product photos yourself.

Just be sure to remember three things: 1) use a neutral color background, 2) place the product on a stand, and 3) make sure the product is well-lit and doesn’t drop weird shadows. You don’t need tons of expensive equipment to take nice product photos but you need a few accessories:

  • A DSLR or mirrorless camera or smartphone with a good camera (iPhone 5S and newer will do)
  • An appropriate colored background (choose between white, grey, and black)
  • A tripod for your camera or smartphone to keep it steady
  • A light source (soft light from a window on a cloudy day is perfect). You can also build a light box yourself.
  • A reflector to reflect soft light from the main light source
  • An image editor like GIMP to edit photos: crop, brighten, or lighten. It’s free and is more than enough for basic photo editing.

Look at these well-lit, detailed photos. Don’t they make your mouth water already? :-)

You can go even deeper in visualizing your products: order a custom modification that will allow your customers to rotate products with a mouse pointer on the product page. Look how it works in a furniture online store based on CS-Cart:

2. Compose Product Descriptions that Sell, not just Describe

Having attractive product photos is only half the battle. Product descriptions are important, as well: from a description a customer understands whether the product can solve his problem or not. That’s why product descriptions should not simply describe, they have to tell a customer what his or her problem the product can solve and how. For example, a laptop lets a customer work anywhere, not only at home or in the office; a fedora can become a finishing touch for a retro party costume.

Although any product solves some problem, different products need different approaches in writing descriptions. Here are eight guidelines on how to compose good product descriptions that sell:

  • Show the product benefits the way that the customer understands them. Describe product advantages clearly without excessive words and technical terms. For example, don’t write that this electric guitar has a single coil pickup and a humbucker at the bridge position. Talk instead about what a customer gets from those: “This electric guitar suits melodic solos and bone-rattling riffs”. That’s all a customer needs to know.
  • Don’t speak to the customer with fake phrases and silly bunkum. These days, everybody is immune to such statements as “This smartphone is developed by leading professionals and uses the latest innovative technologies”. There’s no point in saying things like this, because you can’t prove anything with facts. People don’t believe your words, no matter how beautiful, unless you prove them with facts.
  • Personalize product descriptions. First, decide who your ideal customer is. Then address your ideal customer directly as if he’s standing in front of you. Use the words and the kind of speech your ideal customer uses. Talk to your customer.
  • Use words that call for pleasant feelings. Words such as “crispy”, “creamy”, and “smooth” nudge a customer closer to the purchase, because he wants to experience those feelings. Be careful not to overuse these kind of words.
  • Entertain the customer with a short story. Tell the customer a catching story about your product. A paragraph is enough to relax the customer and keep him on the product page longer.
  • Make the customer’s imagination work for you. When reading a product description, the customer should feel that he already owns the product. Tell the customer what will happen and how his life will change when he gets the product. Sell a dream.
  • Show the customer that the product is much in-demand. People prefer popular products. Before buying, customers usually read reviews and look for testimonials from real people. Add a testimonial of a satisfied customer to the product description, plus attach a photo of that customer. You can also write that the product is this month’s bestseller.
  • Think through the structure of a description. Writing a long description in plain text is a bad idea. There’s a better chance that a customer reads the whole description if you keep it short, well-structured, and well-formatted. Divide the text into paragraphs, add headers, choose a bigger font size, and format everything. Kind of like how we’ve done here, for example.

Check out this coffee description: it’s short and well-structured, activates the customer’s imagination, and entertains with a short story:

Hope our advice will come in handy and you’ll be able to drive more customers thanks to cool product images and great product descriptions!

Follow us on Facebook and Twitter to keep up with CS-Cart news. And check out our YouTube channel to learn how to manage your CS-Cart store.

CS-Cart and Multi-Vendor 4.3.9: Upgrade ASAP to Fix Security

By Yan Kulakov, July 15th, 2016 in CS-Cart releases, News and announcements


We’ve released a patch—CS-Cart & Multi-Vendor 4.3.9—with security, payment, shipping, and HiDPI fixes.

As a patch, the new version doesn’t have new features for end users. It mostly fixes issues:

  • An important security fix. The problem was that hackers could gain access to your administration panel, if they knew your admin URL. Multi-Vendor had a similar issue: a vendor could create an admin account and gain partial access to your admin panel. Both vulnerabilities are present in CS-Cart and Multi-Vendor 4.0.1—4.3.8. We strongly recommend that you upgrade to 4.3.9 ASAP to seal those security flaws. We’ve also sent emails to all CS-Cart and Multi-Vendor license owners. Check your mailboxes now. Those emails contain instructions on how to eliminate the vulnerability.
  • PayPal partial refund works fine. Previously, when an admin changed the return request status for orders with multiple products, PayPal partial refund could be performed multiple times. It meant that one of the products in the order could be refunded over and over again. Now, the refund process works correctly.
  • The payment processor response for PayPal payments changes properly. A payment processor response notifies you of events related to transactions. You can see the response status on the order details page in the admin panel. Previously, when the payment processor received IPN in PayPal Express Checkout, the processor response wasn’t actualized. An admin had to manually check payment status for every order. Now, this issue is fixed and the response is actualized when IPN is received.
  • Taxes based on Unit price are calculated correctly for unauthorized users. Before, when a guest customer placed an order, the product prices at checkout and in the cart could be displayed without taxes. We fixed the calculation process and now taxes are correctly applied to all products for both authorized users and guests.
  • Tracking number is always displayed for a customer. Before the fix, a customer couldn’t see the tracking number on the order details page, if you didn’t specified a carrier for that order. Now, tracking number is always displayed for customers whether you specified the carrier in the admin panel or not.
  • The HiDPI displays support add-on doesn’t shrink product images, when you clone products. The add-on influenced the cloning process of products: when you cloned a product, the size of its image decreased twice with each new cloning. We’ve fixed the issue and now the size of images of the cloned products stays the same.

See what hooks we’ve added and what else we’ve fixed in the changelog.

How to Upgrade to Version 4.3.9

CS-Cart license owners with active upgrade subscriptions can upgrade as always—on the Administration → Upgrade center page of their admin panels. Since the upgrade fixes a critical security issue, we distribute the upgrade packages all at once. Please check your Upgrade centers now and upgrade ASAP.

Newcomers are welcome to download CS-Cart from our website. You’ll have 30 days to try CS-Cart without restrictions. If you liked CS-Cart, you can continue using it after you buy a license.

We’ll be happy, if you share any ideas on how we can enhance CS-Cart. Our UserVoice is there for you.

Report bugs to our bug tracker—be sure we’ll deal with all of them.

To keep up with the latest news, follow us on Facebook and Twitter.

To learn CS-Cart, subscribe to our YouTube channel: we regularly add new video tutorials.

Subscribe to our newsletters via the form below to get news and other cool stuff directly to your mailbox.

Follow CS-Cart news & promotions

What is Web Hosting and How to Choose the Right One

By Yan Kulakov, July 7th, 2016 in Articles, Guest posts, Tips and tricks


Marco Mijatovic, Content Manager at First Site Guide, has prepared a cool infographic explaining a web hosting for beginners. This article will come in handy for the Internet newcomers and eCommerce beginners.

Marco is a professional writer and blogger. He will help you understand the power and reach social media for your blog or website. You can find him on First Site Guide and tweet the First Site Guide team @firstsiteguide.

Let’s assume you want to start your own company, or that you already have one, and the next step towards advancement is creating a website. What should you do? Well, you can either take a quick online course or a tutorial on how to make one, or hire a web designer to do it for you. After all it’s in your best interest that your online store, blog, or company website look really attractive and professional. However sooner or later the issue known as web hosting will come up, and people will start to ask you about which web hosting service company you are going to choose as your provider.

If you have never created a website and are relatively new to the whole thing, you might ask: “What is web hosting, and how does it affect my website?” Well, web hosting is very important for a website’s performance and its speed. For example, you can create an eCommerce website using a fast CS-Cart software as your platform, but the speed of your CS-Cart store will also depend on web hosting. If the hosting is not that good and fast—a page will still take much time to load and the user will probably leave and won’t even give your content a chance.

It’s basically a server where your website is located and depending on user proximity to that server its loading speed is either fast or slow. So, a good web hosting service should have numerous servers where your content is uploaded, so that all of the users around the world have a satisfying experience when browsing your website.

There are many more features and details related to choosing a web hosting service, and for someone who is a first time user, all of this can be really puzzling. Luckily, First Site Guide has designed an infographic that will show you everything you need to know about web hosting. Once you are well-informed it’s far easier to make the right decision and choose a provider that will meet your demands and goals. Once you are done, you will know what web hosting is, what a good provider should provide and the existing types of web hosting.

Hope you liked Marco’s article and found the infographic useful!

Follow CS-Cart news & promotions