X-Cart Security and Performance Optimization, PHP 7 Patches & Dirty Cow [Webinar Recording + PDF]
It goes without saying, that the dynamic world of visual and digital media makes a great impact on consumer expectations and their shopping behavior. People want more, right here, right now! Plenty of items to choose from, secure and seamless shopping experience, and, of course, instant gratification — a page that fails to meet user’s expectations or the one that takes 1 second too long to load can potentially cost you thousands or even millions in lost sales every year. Stunning, right?
Keeping that in mind, I prepared a few tips and tricks for our London Meetup attendees and they almost showered me with questions.
A month later, on October 25, 2016, I decided to give exclusive attention to these issues and host a separate Speed & Security Webinar, which, by the way, was also a complete success — we’ve never had so many of you listening to our webinars before, wow!
And now it’s me who wants more… Here’re the webinar recording and PDF-slides tailored specifically for those who missed both our September Meetup and the webinar two weeks ago. The tools and tips I shared in this video should significantly improve the security level of your server and speed up your web store. So, I want you to spare an hour of your precious time — it’s really worth watching.
- Online security check. Your server might be vulnerable to attacks, I’ll tell you how to find it out and fix it.
- Passwords and security patches. A few tips & tricks to protect your store against today’s most devious hackers.
- Backups and the way they can save your web store from disaster.
- Powerful tools for checking and improving performance. Running a website speed test, caching, images optimization, TCP keep-alive method, upgrading to PHP 7 and other techniques.
- Other misc services to get traffic insights and find out what technologies your competitors are currently using.
P.S. If you want me to check the speed and security of your X-Cart store, just ask. It’s free! ?
PHP 7 compatibility
You may have already heard about the first major release of PHP in over a decade. PHP 7 developers worked really hard to reduce memory consumption and to increase performance. And they certainly succeeded in it — we tested. X-Cart sites, compatible with the latest PHP 7, are as ‘fast and furious’ as never.
Have a look at our TTFB (Time To First Byte) test results:
Good news is that X-Cart 5.3 and X-Cart 4.7.6 are already fully compatible with PHP 7. And though other versions do not support it out-of-the-box, it can be easily fixed — just apply our newly-baked PHP 7 compatibility patches.
PHP 7 compatibility fixes are now available for the following X-Cart 4 versions:
4.4.5 (php70x-2016-10-25_4.4.5.tgz)4.5.5 (php70x-2016-10-25_4.5.5.tgz)4.6.0 – 4.6.6 (php70x-2016-10-25_4.6.x.tgz), where x is a version number4.7.0 – 4.7.5 (php70x-2016-10-25_4.7.x.tgz), where x is a version number
Patches for 4.4.0 – 4.4.4 and 4.5.0 – 4.5.4 versions should be adapted from 4.4.5 and 4.5.5 versions accordingly.
Where can you find them?
Log in to your personal HelpDesk account → File area → X-Cart 4 → Your X-Cart version → Updates and patches.
Ask your hosting provider if it’s possible to upgrade your server PHP version to PHP 7. It will make your store as quick as a flash. Then you’ll have two options available:
- You can apply fixes to your current X-Cart 4 version. They will make your existing X-Cart 4 store compatible with PHP 7 without upgrading it to X-Cart 5. Just make sure everything works smoothly on the ‘dev’ copy of your web store before deploying patches on your live stores.
- Upgrade your store to X-Cart 5.3 or X-Cart 4.7.6. These versions already support PHP 7 and are extraordinarily fast. And don’t worry, upgrading your store is not that scary. Here’s the real-world example to inspire you:
Furttunato Cianfrocco from Oneida Suzuki upgraded his X-Cart 4.0.19 to X-Cart 4.7.6:
I had a store at 4.0.19 that I have wanted to upgrade to a modern version of x-cart. The store was up-to-date with security patches but that was it. There were some minor customizations but nothing too crazy; most customizations were actually no longer necessary in the latest x-cart. It was going strong for over 10 years (since ~2004) but it was getting long in the tooth with limitations such as mobile viewing (impacted google shopping), payment methods, look and feel, social media integration, etc…
I’ve been considering an upgrade for a few years now and the numerous major revisions were always a concern for me; each major revision upgrade is just a lot of room for error. Supporting the store is my free-time job and I just didn’t have the time to dedicate to the upgrade.
We contracted x-cart to perform the upgrade and it couldn’t have been better. They completed the upgrade very quickly, professionally, and had an upgraded store in their sandbox ready to test within a week!!! We had a few minor upgrade issues, nothing that I wouldn’t expect in such an upgrade) that we worked through on the sandboxed upgrade. We purposely took our time (~2-3 weeks) to make sure the upgrade was production ready and x-cart was very patient. They also installed a few new modules in addition to the main store upgrade. x-cart also handled the actual migration on our web server.
The upgraded store has been running for about 2 months now without any issues. I know I could have never completed the upgrade in the same amount of time or as seamless. For an upgrade of over 10 years of software, the upgrade cost was very reasonable and performed timely. It is also a testament to x-cart’s robustness that the 4.0 store held out for so long.
Thank you x-cart (Olga Tereshina, Alexey Galkin, and others)!
Anyway, we are always ready to help, just contact us.
Dirty COW Vulnerability: the fix is here!
On October 18, 2016 a serious Linux kernel vulnerability, allowing users to easily get persistent root access, was disclosed. The bug, nicknamed Dirty COW, have been lurking in the code for more than 9 years and yes — lots and lots of servers are at risk now.
But there’s no need to worry about a fully managed VPS hosting by X‑Cart — those who host their stores with us are already fully-protected from this annoying security hole.
If you use a different web hosting service, you’d better hurry up and check if it is properly secured.
Anyway, you can always ask us for help.
Find a better home for your X-Cart store
If you feel you are not getting the most out of your server or your hosting provider can’t sort out your security and performance issues, you are always welcome to try X-Cart fully-managed VPS Hosting — our PCI-compliant servers are regularly patched with security updates and optimized to provide the highest performance possible for X-Cart stores. All plans include a free transfer of your existing stores to X‑Cart hosting, daily backups, and support.
Send us a request and we’ll create a copy of your store on our server and demonstrate how fast it can actually work. Free of charge.
Alex joined X-Cart in 2005 and since then spearheaded Support and Hosting departments, focused on customer needs as a Director of Customer Success and now helps our clients to grow and prosper as Enterprise Account Executive. He truly believes that if we don’t take care of our customers, someone else will.