Magento

The latest round for Patches from Magento (Supee-6788) have seemed to have caused a lot of confusion. While important, the patches fail to take into consideration that a few stock files may have been changed (.htaccess) or removed (.htaccess.sample). The patch also errors on cryptic messages and seemingly provide very little to troubleshoot with.

We have applied it to a few community edition Magento versions as well as an enterprise install and have had a mixed bag of results. We have documented a set of common tips that have helped us trouble shoot most of the issues with the new patch.

Read More

Recently our client saw a surge in suspicious activity where a user would seemingly login, place an item in their cart, and then proceed to attempt to use fraudulent cards repeatedly. We were able to determine that either this was an absolutely amazing robot processing the orders OR a very determined group of individuals. We suspect it may have been a live person, because all of the IDS web sniffers detected that it was an authenticated browser user.

Read More

We recently had a client that wished to have their free shipping rule be triggered on the subtotal of the entire order, including tax. The solution was fairly simple to implement.

Read More

Lately we ran into a repeated issue that caused a significant amount of confusion for our development team. A Magento EE client has a fairly robust caching system setup: CDN, Varnish, Memcache and then Magento EE’s FPC.

Read More

We finished doing an initial remediation on a site infected with SUPEE-5344 (See previous article). We built a script that we tuned to try and find files infected with our particular variant of this nasty bug. We are providing it (without support/warranty) to the rest of the eCommerce world in the hopes it may help some folks clean their shop.

We highly recommend that folks get a web application firewall like Incapsula or Cloudways nowadays. Its not fool-proof, but it can help mitigate some of these exploits before they begin.

Read More

SUPEE-5344 has been in the wild for a while now, but this is the first site that we’ve had an opportunity to re-mediate.

Read More

Just a quick tip that we hope will save some coders some time. We couldn’t find an easy way to get the reward points that were used in a particular order. The snippet below should help.

Read More

Recently, we had a client that needed to setup their Magento cart to send out emails through Amazon SES. They installed the free SMTP Pro Magento SMTP Email plugin from AScrhoder and tried to configure it to use their Amazon SES account. When they ran the self-test within Magento Admin, they kept getting an error from the Amazon SES server saying “SignatureDoesNotMatch”. After a bit of digging, we finally figured out the solution.

Read More

Recently, Google has started to require that shipping costs be consistent between what is estimated for the product and the final shipping cost. When you setup your Google Merchant Feed you have to setup your shipping costs to adequately reflect what you charge on your site. Debugging issues between your costs and what Google sees can be quite a challenge, so we put together a quick script to make the process easier.

Read More