Tag Archives: woocommerce

Key Insights From WooCommerce Survey 2024 – WP Tavern

[ad_1] WooCommerce has unveiled the results of its 2024 summer survey, shedding light on how store owners, developers, and partners gear up for Black Friday Cyber Monday (BFCM) and the holiday shopping rush. Here are the key takeaways from the survey: BFCM Sales Account for a Major Share of Annual Revenue BFCM plays a crucial role for online merchants, contributing to approximately 30%-50% of their yearly sales. The survey revealed that 66% of stores reported increased sales during the holiday season, highlighting its significance for businesses. In fact, for some stores, up to 50% of their annual revenue comes from this period alone. 46% of stores see up to 30% of their yearly sales during this time. 26% generate over 30% of their annual sales. 8% surpass 50% of annual sales during BFCM. Stores & Early Planning Larger stores with annual revenues of $250K+ are 12% more likely to begin preparations early. In total, 81% of stores actively plan for BFCM promotions. 26% of stores begin planning 1-4 weeks before BFCM. 27% start preparations 1-3 months ahead. 13% dedicate 3-6 months to preparation. 4% start more than 6 months in advance. Preparation Tactics & Strategies 26% of stores planned to increase inventory as their primary preparation strategy. This was followed by marketing, promotions, and website optimization. When it comes to marketing channels: 29% of stores find email the most effective, followed by organic social media (25%). Other popular channels include paid social (13%), search ads (8%), and content marketing (6%). For the 2024 holiday season, 34% of stores are adjusting their strategies, focusing on: Introducing new products (26%) Improving marketing efforts (24%) Enhancing website performance (16%) Starting sales early (10%) Offering special discounts (9%) Making changes to customer engagement, social media, and inventory management completes the list. Multi-Channel Sales The survey also noted that 67% of stores sell through multiple channels, including physical locations and online marketplaces. Specifically, 11% of stores sell on Amazon, 8% sell on Etsy and 6% sell on eBay. Customer Engagement & Analytics A significant 91% of stores use analytics tools like Google Analytics, WooCommerce Analytics Dashboard, and Meteorik to evaluate campaign performance. Despite the busy season, 89% of stores do not implement a special refund or return policy  Woo’s Chief Marketing Officer, Tamara Niesen, has shared more insights on the survey results on the WooCommerce blog. [ad_2] Source link

Continue reading

WooCommerce Store Owners Combat Fraudulent Stripe Charges – WP Tavern

[ad_1] For the past few weeks, members of the Advanced WordPress Facebook (AWP) group have been discussing methods of combatting Stripe Card Testing fraud. WordPress developer Jon Brown opened the topic after seeing fraudulent charges on five different websites, including four using WooCommerce and one using the Leaky Paywall platform. “All five were on Cloudflare with bot fight mode on when it first happened,” Brown said. “I’ve added CAPTCHA to all 5, I’ve enabled CloudFlare’s ‘Under Attack’ mode on the cart/checkout page.” The WooCommerce sites didn’t have a reoccurrence but the Leaky Paywall site did. Brown said the client didn’t notice it, as he had Stripe emails going to his spam folder. “It went on for two weeks until the load spike took the site offline and I noticed it,” he said. “About 1,200 successful transactions for $2.99, with 100,000 blocked.” Brown said he doesn’t understand why Stripe doesn’t recognize and block the fraudulent charges since they all follow a similar pattern using a randomized Gmail address. His client had to dispute approximately 100 of these transactions. “Each dispute costs $15 to resolve,” Brown said. “Each non-disputed refund costs $0.40 since Stripe (like PayPal now) keeps the fee. “So 100 * $15 + 1100 * $0.40 = $1940 in lost revenue to fees and that’s obviously AFTER also refunding the $2.99 per fraudulent transaction. That means $3,600 in fraud ($2.99 * 1200) just resulted in a net loss of $1940 – that’s insane.” Many other developers in the conversation have been hit with similar attacks, some with honeypots in place that didn’t prevent anything. One recommended using the WooCommerce Fraud Prevention plugin. It allows store owners to block orders from specific IP addresses, emails, address, state, and zip codes. This might help once attacks have started but doesn’t fully prevent them. Some developers had success stopping attacks using reCaptcha for WooCommerce, a commercial plugin that implement’s Google’s reCaptcha V2 (checkbox) and reCaptcha V3 to stop things like unauthorized login attempts, fake registrations, fake guest orders, and other automated attacks. “We ran into this about a year ago,” WordPress developer John Montgomery said. “It’s a way for hackers/thieves to check a list of card numbers for ones that are valid. Once they confirm the card works on a site, they can use to purchase products for real. In the end, a big annoyance but honestly not a huge deal for us in the end because we have digital products and they weren’t really interested in those.” Montgomery installed a plugin called Limit Orders for WooCommerce, developed by Nexcess, that disallows orders after a certain threshold is met. “I set it up to x orders per hour ( above any historical numbers)…so if we get say 100 orders in an hour it will shut off orders,” he said. “It’s a bit of a sledgehammer, but it did help us once already.” Although many store owners are hesitant to add any friction to the checkout process, technology consultant Jordan Trask recommends requiring customers create accounts before continuing and verify emails. He wrote a guide on dealing with card testing attacks. “The gist of the rules is blocking all countries except those you serve,” Trask said. “However, for WooCommerce, I would put in a JS Managed Challenge for the cart and checkout. “There is rate limiting built into Cloudflare that might help, but it’s more request based versus per order which is what you need based on IP potentially. If the requests come from the same IP address, you can look at limiting orders per IP since the email differs each time.” The Checkout Rate Limiter plugin, available on GitHub, offers checkout rate limiting on WooCommerce checkout based on IP address. Trask’s guide also recommends checking payment processor logs when investigating fraudulent charges: Always check your payment processor logs to verify where the charges are being created. A staging site may exist with production API keys, or your site was hacked, and the API keys were stolen. Most payment processors will have further details in their logs with additional information. WordPress developer Rahul Nagare recommends checking out Stripe’s Radar fraud protection, which uses machine learning to provide advanced protection and identification of fraudsters. “This will let you setup custom rules on Stripe to reject suspicious transactions,” Nagare said. “This used to be a free service with Stripe, but they changed it last year. I’d look into blocking all transactions with risk score higher than the average, and maybe the region of the card testers.” WooCommerce’s documentation has a section on responding to card testing attacks, which has many of the same recommendations discussed in the recent AWP thread. A CAPTCHA plugin is the first line of defense. It also recommends avoiding pay-what-you-want or donation products with no minimum, as these products are often targeted for card tests with small transactions that cardholders might miss. Swiftly refunding any successful fraudulent orders will decrease the possibility of disputes. Category: E-Commerce, News [ad_2] Source link

Continue reading

Hosted WooCommerce Solution Coming to WordPress.com in 2023, Following Recent Launches from GoDaddy and Bluehost – WP Tavern

[ad_1] WooSesh kicked off this week with a keynote session from WooCommerce CEO Paul Maiorana, who gave an overview of the current state of the ecosystem. More than 3.4 million websites use WooCommerce, according to Builtwith, including 25% of the top million online stores. It is by far the most popular solution among WordPress sites with e-commerce, capturing 93% of the market share. Maiorana covered some industry-wide trends taking shape in 2023. WooCommerce merchants are uncertain about the economy and while some are optimistic, others do not see it improving soon. Although growth has slowed since the pandemic-fueled rapid acceleration towards e-commerce in 2021, Maiorana said revenues are projected to gain steadily through 2025. WooCommerce core is entering a transformative time, as the new admin has been fully merged and Cart and Checkout blocks are now part of core (in beta). The plugin is becoming more block friendly with more than 40 blocks available now. WooCommerce has seen a 319% increase in the usage of block themes and is aiming to have full out-of-the-box compatibility with any block-based theme. The Market for Hosted WooCommerce Products Is Heating Up One of the biggest announcements from the event was that WooCommerce is developing its own hosted, turnkey solution in collaboration with hosting partners. WordPress.com will be the first to pilot the product in February 2023. Maiorana said the goal of the solution is to improve onboarding and retention with the following : WooCommerce pre-installed, activated, and hosted A pre-packaged set of essential plugins Simplified onboarding that works with partners’ systems to improve conversion Competitive monthly price to reduce churn Co-marketing and revenue share with hosts WooCommerce’s hosted solution will be in direct competition with other hosts that have recently launched their own products. In November 2021, GoDaddy acquired Pagely with the intent to deploy a new SaaS WooCommerce product. Pagely was paired with previous 2020 acquisitions of Poynt, a payment processor, and SkyVerge, a popular WooCommerce plugin development company, to create an integrated solution. Last month, GoDaddy launched an open access preview of Managed WooCommerce Stores to US-based customers. GoDaddy’s solution boasts the ability to sync across marketplaces, including Amazon, eBay, Google, Walmart, Etsy, and YouTube, with a single dashboard managing payment processing, marketing, shipping, and inventory. It is integrated with GoDaddy Payments for both online and in-person transactions, which incur a transaction fee of 2.3% + 30¢. The hosted WooCommerce preview plans range from $99.99/month – $249.99/month. At WooSesh today, Beka Rice, Senior Director of Product Management at GoDaddy, gave an overview of multichannel and omnichannel sales for e-commerce merchants during her presentation. Enabling multichannel store management seems to be one of the main selling points of GoDaddy’s offering. Bluehost is another recent contender in the managed WooCommerce hosting space, having launched its product last month. In March, Newfold Digital, Bluehost’s parent company, acquired YITH,  a WordPress plugin company with more than 100 WooCommerce extensions. Bluehost’s managed WooCommerce packages include a curated set of YITH plugins to help merchants extend their stores to offer gift cards, bookings and appointments, wishlists, product filtering, and more. Bluehost offers two plans. For the first year, when billed yearly, customers pay $9.95/month for a simple store or $12.95/month for selling across various marketplaces. Customers on the more expensive plan have the option to manage product inventory across Etsy, Amazon and eBay from a consolidated dashboard via Ecomdash. At the budget end of the WooCommerce hosting spectrum, Bluehost’s offering has an emphasis on creating a user-friendly, guided onboarding experience. Bluehost conducted an internal research study last year and found that its small business customers were looking for solutions that would allow them to sell online, but many of them are first-time website creators. The company created this new WooCommerce offering to eliminate the hassle of navigating themes and the many plugins required to launch a store. Bluehost uses YITH’s Wonder theme as the stores starting theme, which we reviewed in August. “Our theme is built for WordPress, utilizes the block structure that modern WordPress websites are beginning to adopt (one of the early block-basedWooCommerce block themes) and also includes three full-page patterns for different homepage layouts and designs,” Newfold Digital SVP of Digital Presence and Commerce Jason Cross said. “This not only provides users with a modern looking store, but also allows them to continue to customize it with ease in the future. YITH Wonder comes with six different style variations that make it easy to customize the accent color combinations and typography for the site.” Bluehost’s offering is aimed at catering to the merchants who will be building the stores themselves. The company has not created its own payments solution but connects to popular payment providers such as PayPal and Stripe and offers cash on delivery and in-store pickup options. WooCommerce is at the start of its journey towards launching a hosted solution but the company also plays a different role in the ecosystem as the maintainer of the core software. In an interview with the Tavern after his keynote, Maiorana said the vast majority (+90%) of ongoing WooCommerce core development is done by the WooCommerce team at Automattic. “One important difference is that we are really focused on the WooCommerce ecosystem – including the thousands of web hosts that help support and drive WordPress and Woo adoption across the globe – as our most important ‘customer,’” he said. “And what we’re hearing from these customers is that it is challenging to compete with the simplicity offered by proprietary, turnkey e-commerce solutions. At the same time, many web hosts don’t have the capabilities to address things like onboarding, conversion, and retention holistically – they need our help to compete and win.” Many of the major hosting companies that serve WordPress customers, like WP Engine, GoDaddy, and Bluehost have already developed their own hosted WooCommerce solutions, although there are many smaller companies that do not offer curated plugins, themes, and friendly onboarding that may be more open to partnering with the makers of WooCommerce. “We’re also working with

Continue reading

WooCommerce 5.7.0 Patches Security Issue that Could Potentially Leak Analytics Reports – WP Tavern

[ad_1] WooCommerce shipped version 5.7.0 through a forced update for some users earlier this week. The minor release was not billed as a security update but the following day WooCommerce published a post explaining that the plugin was vulnerable to having analytics reports leaked on some hosting configurations: On September 21, 2021, our team released a security patch to address a server configuration setup used by some hosts, which under the right conditions may make some analytics reports publicly available. This was technically classified as a broken access control vulnerability, according to the WPScan. WordPress.org pushed an automatic update to affected stores beginning on September 21, for all sites that have not explicitly disabled automatic updates. The WooCommerce team created a patch for 18 versions back to 4.0.0, along with 17 patched versions of the WooCommerce Admin plugin. Those whose filesystem is set to read-only or who are running WooCommerce versions older than 4.0.0 will not have received the automatic update and should proceed to manually update their sites. WooCommerce recommends users update to the latest version, which is now 5.7.1, or the highest number possible in your release branch. The security announcement post has detailed instructions for how store owners can check to see if their report files may have been downloaded. More than 5 million WordPress sites use WooCommerce. At the time of publishing, 59.8% are running on version 5.4 or older. Only 12.8% are using the lates 5.7.x release. It’s not possible to see how many sites are still vulnerable, because WordPress.org only displays a breakdown for the major branches users have installed. Some site owners running older versions may still be active in applying security patches but not prepared to update to the latest release. WooCommerce 5.7.1 was released earlier today after the team received multiple reports of broken sites following the 5.7.0 update. This release includes fixes for regressions and new bugs identified in the previous update. Like this: Like Loading… [ad_2] Source link

Continue reading

Is This the Best Affiliate Plugin for WooCommerce?

[ad_1] Looking for an effective way to promote your WooCommerce store? If so, launching an affiliate program might just be what you need to spread the word about your eCommerce business.  Many store owners assume that affiliate programs are only useful for big companies, but the truth is that even a smaller business can benefit from having its own affiliate program. It’s a great way to build an army of loyal advocates who are excited to promote your offerings. Solid Affiliate is a brand new WordPress plugin that allows you to add an affiliate or referral program to any WooCommerce site. People can sign up as affiliates for your business and you’ll be able to keep up to date on any sales they make. The plugin also gives you control over the commissions you pay and offers multiple gateways for making affiliate payments. Okay, but how do I set it up? In this Solid Affiliate review, we’ll give you a hands-on look at how to create a self-hosted WooCommerce affiliate program using the native WordPress plugin. Plus, we’ll highlight some of the plugin’s best features to help you make the most of your investment (Solid Affiliate is generous with pricing, but it’s still an investment in your site). Solid Affiliate Review: A Quick Look at the Features Solid Affiliate is a one-stop solution for launching and managing a referral program on WooCommerce. It comes with: Coupon referrals – link WooCommerce coupons to affiliates. Real-time tracking – track sales, payouts, and other data as soon as it generates.  Flexible commissions – set one commission rate with the option to adjust it for specific products or affiliates. Affiliate cookie life – choose how many days the referral affiliate cookie remains valid. Refund protection – set a refund grace period for paying commissions. Automatic payouts – Pay your affiliates via PayPal or export a CSV for manual payments with just a few clicks. WooCommerce Subscriptions compatibility – set up recurring commission rates in WooCommerce subscriptions. All major builders supported – the plugin works with Divi, Oxygen, Elementor, ec. And more. Hands-On with Solid Affiliate for WooCommerce/WordPress Now that you have an idea of Solid Affiliate’s features, let’s walk through the setup process. Solid Affiliate Set Up Solid Affiliate is pretty much plug-and-play. First, go to your WordPress dashboard and choose Plugins → Add New. Then upload the plugin’s zip file and select  Install Now. Once installed and activated, a setup wizard will appear when you open the new Solid Affiliate tab in your WordPress admin. Through it, you can set up a page for your frontend affiliate portal and configure outgoing emails: Article Continues Below But that’s about it—the plugin’s settings are where the real action happens. Solid Affiliate Settings To configure how your referral program functions, you’ll need to go to Solid Affiliate → Settings → General. Here, you’ll configure how your commissions work, including: The default commission rate, whether a percentage or a flat rate. The payout currency and tracking cookie period. Whether to give commissions on total sales or only on sales to new customers. Whether to omit tax and/shipping from commission calculations. Affiliate Portal & Registration in Solid Affiliate In the Settings menu, you’ll also find other tabs for configuring different functions of the plugin. One of them is for Affiliate Portal & Registration. This tab lets you manage the frontend interface for affiliates, choose the fields to display on the registration form and require admin approval for new affiliates if desired. The registration form has an Affiliate Notes field that inserts a How will you promote us? Box. However, there’s no way to add custom fields to your forms. It would have been nice to include other fields, such as one for a physical address, which is crucial if you need an affiliate’s location for filing taxes in your state. Other Tabs: Integration, Emails, Misc & Recurring Referrals Solid Affiliate’s Settings also has an Integrations tab. This tab lets you set up PayPal and Mailchimp.  The next tab, Emails, allows you to customize the emails sent to affiliate managers and affiliates. You get two templates for each party, which you can customize using merge tags and the Classic editor. Misc has some random settings, like whether you want Solid Affiliate to reject unpaid referrals if a purchase is refunded. Lastly, the Recurring Referrals tab lets you select whether to pay commissions on just the first subscription payment or every recurring subscription. There’s also an option to set a custom rate, such as giving $100 flat for the first payment and a 2% commission for all recurring ones.  Assigning WooCommerce Coupons to Affiliates Solid Affiliate for WooCommerce also offers a coupon-based option for crediting affiliates. Basically, you give affiliates coupons that they promote to shoppers. So when a shopper uses a coupon, the plugin automatically credits the affiliate with the sale. Solid affiliate syncs with the native WooCommerce coupon system, making it give affiliate coupons. Article Continues Below Creating Custom Commission Rates Solid Affiliate also lets you override the default commission rate for certain products, product categories and affiliates. You can choose your own custom referral rate when editing an individual product, product category, or affiliate. For instance, when you edit an affiliate, the plugin will provide you with new fields to control the commission for that affiliate. If you don’t want to pay commissions on certain products, Solid Affiliate has you covered. While editing individual products, you can choose to make them ineligible for commissions. I can’t recall any WordPress affiliate plugin that offers this option. That’s it for the setup. Now let’s see how to manage your affiliate program inside Solid Affiliate. Managing Your New Affiliate Program After setting up your affiliate program, head over to the main Solid Affiliate menu to discover tools to manage affiliates, make payments, view reports, and more. Here’s what you’ll find: Dashboard You can keep track of a detailed overview of your affiliate program through the Dashboard tab. This page will show you metrics such as your recent revenue, referrals

Continue reading

5 Best WooCommerce Hosting Providers Compared in 2021 (All Budgets)

[ad_1] If you have a WooCommerce store, finding the best WooCommerce hosting is important because your hosting plays a key role in your store’s performance, reliability, security, etc. To help you make a choice that will set your store up for success, we collected the five best WooCommerce hosting providers in 2021 and beyond, including both premium options for serious stores and budget options if you’re trying to keep costs down. We’ll start by showing a quick summary table of the top hosts. Then, we’ll share some details on how to choose a good WooCommerce host and then get into the five best hosts for WooCommerce stores. Best WooCommerce Hosting Summary If you’re in a hurry, here’s a summary of our picks for the best WooCommerce hosting providers – you can keep reading to learn more about each host. *Kinsta’s prices start at $30 but they recommend using at least their Business 1 plan for WooCommerce stores. What to Look for in the Best WooCommerce Hosting At a high level, WooCommerce is just a plugin for the core WordPress software, so there’s a lot of overlap between what makes the best “WordPress hosting” and what makes the best “WooCommerce hosting.”. That is, you’ll want to consider: Performance. Reliability/uptime. Useful features like automatic backups and staging sites. Support. Those are all important for WordPress and they’re also important for WooCommerce. However, WooCommerce stores do have a few unique considerations because of the nature of WooCommerce, so there are a few extra issues to consider. First off, WooCommerce has unique performance needs when it comes to caching and database usage (WooCommerce stores query the database more because of product search, order histories, etc.). With respect to database usage, hosts can build in some tools to help: Elasticsearch. This lets you replace the default WordPress search system with a much more optimized solution for your product search. If your host doesn’t offer it, you can still add it using your own hosted instance or a third-party service like ElasticPress. Custom database tables. Some hosts create their own custom database optimizations for WooCommerce, which can be useful for large stores. You also might want to look for some adaptive features, like backups that are more frequent than once per day and flexible staging tools with database merge. Now, let’s get into the five best WooCommerce hosting providers… WP Engine is one of the most popular managed WordPress hosting providers. They were always a good choice for WooCommerce hosting, but they just got even better with the launch of dedicated WooCommerce hosting plans. These plans include WooCommerce-specific optimizations like compatible caching and Elasticsearch for improved product search (though this is only available on the higher tiers). To learn more about WP Engine, you can read our full WP Engine review, though our review is of the general-purpose WordPress hosting and not the eCommerce-focused plans. Key Features Built-in caching solution that’s optimized for WooCommerce stores. One-click WooCommerce installation. Pre-installed WooCommerce theme. Free SSL certificate. Built-in content delivery network (CDN) for improved global performance. Elasticsearch for improved product search (on the Professional plan and above). Automatic daily backups. One-click staging sites including partial merge so that you can only push file changes live (and not touch the database). Pricing While you can host a WooCommerce store on any plan at WP Engine, we recommend using the dedicated eCommerce hosting plans. These plans are a little more expensive, but they’re worth it for the optimized environment. WP Engine’s eCommerce plans start at $36 per month for the StartUp plan: One website. 25,000 visits. 10 GB storage. 50 GB bandwidth. You need the Professional plan for Elasticsearch, though. Here are the monthly prices – but if you pay for a year upfront, you’ll get two months free: You can also use our WP Engine coupon to get an even better deal – 20% off your first bill or four months free if you pay annually. Get Started with WP Engine Kinsta is another managed WordPress host in the same vein as WP Engine. Unlike WP Engine, Kinsta doesn’t advertise/market dedicated WooCommerce hosting plans, but Kinsta’s regular WordPress hosting plans include everything you need to successfully host a WooCommerce store. Kinsta also offers some useful add-ons for WooCommerce stores (like more frequent backups), on top of just generally offering excellent performance and support. 👉 You can learn more in our full Kinsta review. Key Features Dedicated WordPress/WooCommerce installer. Optimized Google Cloud infrastructure. Built-in caching solution, including WooCommerce compatibility. Built-in CDN powered by KeyCDN. Kinsta Application Performance Monitoring/APM (a New Relic-like performance audit tool to improve your WooCommerce store’s performance on a very detailed level – learn more here). Cloudflare Automatic Platform Optimization (APO) integration. Automatic daily backups. For an added fee you can also increase the frequency to every six hours or hourly. One-click staging sites, but you can only push the full staging site live, which isn’t ideal for WooCommerce. Pricing Kinsta’s pricing plans technically start at $30 per month. You can install a WooCommerce store on that plan. However, the Kinsta team recommends using at least the $100 per month Business 1 plan for eCommerce stores because it offers four PHP workers, which leads to better performance for dynamic WordPress sites. The Business 1 plan supports the following: Five WordPress sites. 100,000 monthly visits. 30 GB storage. 200 GB CDN. For very small stores, you might be ok with the $30 per month Starter plan which offers: One website. 25,000 monthly visits. 10 GB storage. 50 GB CDN. If you want some of the add-ons that we mentioned, those might be an extra fee as well. For example, adding hourly backups costs $100/month/site. You get daily backups for free. Get Started with Kinsta Nexcess is a dedicated managed WooCommerce hosting provider that’s a subsidiary of Liquid Web, a popular web host that’s been investing in the WordPress hosting space with acquisitions of iThemes, Restrict Content Pro, The Events Calendar, and more. Liquid Web advertises its managed WooCommerce

Continue reading

WooCommerce 5.6 Release Candidate 2

[ad_1] Hey, WordPress fans. We are checking in with your latest dose of weekly WordPress news. This week, WooCommerce 5.6 release candidate 2 is out and available for testing. The update is on track for the planned August 17th release date.  Beyond that, Gutenberg 11.2.0 is released with some new features, and we have some great tutorials and resources for you as always.  Let’s get to all of this week’s WordPress news… WORDPRESS NEWS AND ARTICLES TUTORIALS AND HOW-TOS RESOURCES [ad_2] Source link

Continue reading

WooCommerce 5.5.2 Fixes Performance Issues Found After Forced Security Update – WP Tavern

[ad_1] WooCommerce has shipped version 5.5.2 as a follow-up to the forced security update that patched a SQL Injection vulnerability last week. The vulnerability impacted versions 3.3 to 5.5 of the WooCommerce plugin, as well as versions 2.5 to 5.5 of the WooCommerce Blocks feature plugin. The team created a patch for more than 90 releases, which was sent as a forced security update from WordPress.org, due to the potential severity of impact for millions of WooCommerce installations. Shortly after the automatic update rolled out, many store owners started reporting serious performance issues on both WordPress.org and GitHub. Some users reported database crashes after receiving the automatic security patch in 5.5.1. One user reported a painfully slow, endless query that was “crippling to our operations,” with similar reports on GitHub of this same query “causing the entire server to go down.” Those with a large number of products in their databases were impacted more frequently. “We run a fairly big DB – 17k products,” one user said. “This has been a nightmare.” Store owners affected by this issue had resorted to downgrading to the previous releases at WooCommerce’s recommendation. They shared temporary workarounds to disable the query while WooCommerce investigated the issue. The problem was reported so frequently that it became a high priority for the team to fix. A week ago, WooCommerce developer Adrian Duffell reported back that they had determined the cause was twofold: A slow SQL query used to retrieve the products that are low in stock. This SQL has been in WooCommerce for a number of releases. A REST API request, which executes this SQL query, is called more frequently in WooCommerce 5.5 than in previous versions. A combination of these factors was causing the degraded server performance when users updated to WooCommerce 5.5. A fix was released in WooCommerce Admin 2.4.4 three days ago, and the fix was also added to core today in 5.5.2. Users who had put workarounds in place are advised to remove them after updating to the latest release. Like this: Like Loading… [ad_2] Source link

Continue reading

WooCommerce Patches Critical Vulnerability, Sending Forced Security Update from WordPress.org – WP Tavern

[ad_1] WooCommerce has patched an unspecified, critical vulnerability identified on July 13, 2021, by a security researcher through Automattic’s HackerOne security program. The vulnerability impacts versions 3.3 to 5.5 of the WooCommerce plugin, as well as version 2.5 to 5.5 of the WooCommerce Blocks feature plugin. “Upon learning about the issue, our team immediately conducted a thorough investigation, audited all related codebases, and created a patch fix for every impacted version (90+ releases) which was deployed automatically to vulnerable stores,” WooCommerce Head of Engineering Beau Lebens said in the security announcement. WordPress.org is currently pushing out forced automatic updates to vulnerable stores, a practice that is rarely employed to mitigate potentially severe security issues impacting a large number of sites. Even with the automatic update, WooCommerce merchants are encouraged to check that their stores are running the latest version (5.5.1). Since WooCommerce backported this security fix to every release branch back to 3.3, store owners using older versions of WooCommerce can safely update to the highest number in their current release branch even if not running the very latest 5.5.1 version. At the time of publishing, only 7.2% of WooCommerce installations are using version 5.5+. More than half of stores (51.7%) are running on a version older than 5.1. WordPress.org doesn’t offer a more specific breakdown of the older versions, but it’s safe to say without these backported security fixes, the majority of WooCommerce installs might be left vulnerable. The security announcement indicates that WooCommerce cannot yet confirm that this vulnerability has not been exploited: Our investigation into this vulnerability and whether data has been compromised is ongoing. We will be sharing more information with site owners on how to investigate this security vulnerability on their site, which we will publish on our blog when it is ready. If a store was affected, the exposed information will be specific to what that site is storing but could include order, customer, and administrative information. For those who are concerned about possible exploitation, the WooCommerce team is recommending merchants update their passwords after installing the patched version as a cautionary measure. The good news for WooCommerce store owners is that this particular critical vulnerability was responsibly disclosed and patched within one day after it was identified. The plugin’s team has committed to being transparent about the security issue. In addition to publishing an announcement on the plugin’s blog, WooCommerce also emailed everyone who has opted into their mailing list. Concerned store owners should keep an eye on the WooCommerce blog for a follow-up post on how to investigate if their stores have been compromised. Like this: Like Loading… [ad_2] Source link

Continue reading

Checkout X Review – Increase WooCommerce Sales With This Plugin

[ad_1] Checkout X is a Software as a Service (SaaS) platform which promises to help you improve sales on your WordPress WooCommerce store. It’s a bold claim that many others have made in the past, and no doubt one that many more will continue to make in the future. So what makes Checkout X so unique? Is it a worthwhile tool for improving your WooCommerce sales? There was only one way to find out. We recently installed it on one of our sites to test out. You’ll discover exactly what we thought in this in-depth Checkout X Review. Checkout X Review Right out of the box, there are two clear things to love about the Checkout X WooCommerce tool. The first is the price tag, or rather, the lack of one. The second is its unique approach. Checkout X Pricing The company offers a completely free version of their service with no strings attached that is perfect for new start-ups and gradually growing stores. This gives you access to all of Checkout X’s standard features (more of which later), plus the ability to generate up to €1,000 in upsells without paying a penny. For larger stores that generate more than €1,000 per month, the €39 Unlimited Plan may be better suited. This allows for unlimited upsells with a 5% per upsell charge applied after your first free €1,000. Article Continues Below Finally, the platinum plan for eCommerce stores generating more than €25,000 only charges a 2.5% upsell fee after the first €1,000. Both of the latter two plans also include some useful extra features, including access to live chat support and the removal of the Checkout X branding, the latter of which can be essential for maintaining a professional appearance. A Software as a Service Approach The other thing we like about Checkout X is that it does things differently. Many tools that promise to improve your store come in WooCommerce plugins which place an extra burden on your web hosting server. While a single plugin may not do too much damage, running an extensive library of heavy-duty plugins can slow down your website performance. One of the big advantages of Checkout X is that although you do have to install a plugin, it’s very lightweight and is only used to connect your site to the software, with all of the hard work being done on Checkout X’s servers. Naturally, this means you get all of the advantages of a powerful upselling tool with none of the drain on your resources. How to Use Checkout X Further adding to the platform’s appeal is just how easy it is to use. From the homepage, head straight to the sign-up page and register for an account. In our experience, this took less than a minute and couldn’t be more straightforward. Article Continues Below Once you’re in, hit “Next Step” and then choose whether you want to connect the platform to a WooCommerce site or a Shopify store. Naturally, being all about WordPress here at WPlift, we went with the WooCommerce option. This is just as well as Checkout X no longer works on Shopify sites due to a change in Shopify’s Terms and Conditions. Connecting Checkout X to Your WooCommerce Store On the next screen, enter the domain name of your WooCommerce store and click “Connect Checkout X.” You’ll need to approve access so that the tool can do what it needs to do, after which you’re ready to start putting it to work on your store. Setup Wizard The tool continues to impress by offering a simple four-step setup wizard to take the hard work out of using it. The four steps involve. 1. Install the Plugin This is no more difficult than clicking the “Open WordPress to Install the Plugin” link, which takes you directly to the Checkout X page on the WordPress plugins directory. Install it as you would any other plugin, and when you’re done, return to the wizard and click “Verify Installation.” 2. Add in Shipping Rates Next, use the simple tool to add your shipping rates and set up any shipping conditions you need. For example, you may choose different rates for international shipping, offer discounts or free shipping for orders over €100, or whatever works for you and your business. Article Continues Below 3. Add Payment Methods The third set-up option lets you choose from a list of different payment methods. All of the usual suspects are here, including Stripe, Klarna, PayPal, card payments, cash on delivery, and more, meaning you’re well set up for however you prefer to accept payments. 4. Preview and Publish Finally, when you’re happy with everything, you can preview and publish your Checkout X checkout experience and be ready to use it. Customizing Your Checkout X Checkout We think it’s a little confusing that Checkout X doesn’t include the checkout customization tab in their initial four-step set-up wizard. It would certainly make sense to include it just before publish and preview. Still, it’s not exactly hard to find and can be used to tweak the look and feel of your checkout experience so that it better reflects your brand. This tab lets you not only change the colors and add a logo but also add links to your privacy policy, T&Cs,[1]  and other essentials. How Checkout X Improves Your WooCommerce Sales With the setup process out of the way, it’s time to explore the actual benefits of using Checkout X. On the whole, there are four main ways that CheckoutX helps to boost your WooCommerce sales. These include: 1. Abandoned Cart Recovery Adding some kind of abandoned cart tool to your website is a tried-and-trusted way of getting customers to come back, complete purchases, and boost your revenues. So it’s nice to see that Checkout X includes this as an option, saving you the hassle of installing an additional abandoned cart plugin. Using this tab lets you create the message you want to send to those who abandon their

Continue reading
1 2