Skip to main content

Get Your Store Ready for HTTPS

You probably received an email from Google announcing that starting in October of 2017, sites that cannot be accessed via HTTPS will be flagged in Chrome as not secure. This is part of Google's push to make the entire Internet secure. To answer this call, Yahoo is working hard on making HTTPS available to all stores and it should be available shortly; definitely well before the deadline set by Google. In some cases, stores will simply be able to flip a switch and make their site secure (conforming). However, other stores, most notably highly customized ones will need extra effort making sure they are ready for the switch.

What if your site is switched to HTTPS but it is not entirely secure?

If - when it becomes available - you switch your site over to HTTPS but not all parts of the site are secure, visitors to the site will still see a note informing them that the site is not secure. They may, and often will, also receive popups warning them of insecure content and asking if they want to continue - a sure way to turn the vast majority of visitors away.

What parts of the site can potentially be non-secure?

Once the switch is available, the main pages of the store will be secure. However, assets used inside the page also need to be secure. The product images - and indeed all images you upload into the editor will be taken care of. Other files linked from the "Files" area of the store editor will probably be secure, but that depends on how such files are linked into your site. If they use hard-coded non-secure (http:) links, then they will NOT be secure. Images used inside otherwise secure CSS and JS files may or may not be secure, again, depending on how those are referenced from within those files.
Also, forms used anywhere in the site (search, newsletter signup, etc.) all need to point to secure locations otherwise they will be flagged as non-secure. A notable example is the built in store search. If you are using the legacy yahoo store search you will have to upgrade to the newer version.
Finally, any third party scripts or tools your site might make use of, which are not secure, will have to be secured as well, but for those you'll most likely have to contact the vendor whose code it is. We will point those out to you if we find them in your store.

How can you find out what parts of the site will pose a problem?

You can start with third party tools such as customer reviews, customer account management systems, etc, by contacting the vendors those tools are from to make sure they can be upgraded to be secure. If you have the legacy Yahoo store search, upgrade it - or have it upgraded - to the new version. Don Cole of Your Store Wizards put together a testing tool that can alert you if your site is most likely to be ready or not for the switch. This tool is available here. But the most precise way to tell whether your site is ready to be secure or not is the yet-to-be-released HTTPS testing tool from Yahoo. This tool will temprorarily switch the store editor into secure mode so it will immediately show an expert what parts of the page or pages are not secure and, therefore, require attention.

What's next?

For your peace of mind, order our Secure Store Preparation Service now. We will process these in the order in which they are received, as soon as Yahoo Store's HTTPS testing tool is available. We will make sure all parts of the site are secure and ready for the switch, and we will identify any third party tool you may be using now that will need to be secured by the vendor who installed it (please note, we are not responsible for any charges third party vendors might assess for securing their own tools or add-ons.)

Comments

Popular posts from this blog

What to expect when your redesign goes live

At Y-Times we roll out new designs, redesigns and other major upgrades to Yahoo stores on a fairly regular basis. Some of the main questions our clients ask are how to prepare for a roll-out and what to expect in terms of SEO and conversions when the changes go live? For any functional Yahoo store how well the site ranks and how well it converts are probably the two most important metrics. Since pretty much ANY change you make to any page can potentially alter either or both of these metrics, merchants may understandably feel nervous about far reaching alterations to their sites. However, when those functionality and design changes and additions are done right, there is really very little to fear. First off, what does it mean for a design or redesign to be "done right?" From the technical stand point, search engines look at the underlying structure of your site (the HTML, and increasingly also the CSS and JavaScript code) to try to extract information and meaning from i

Pre-Season Checkup

With the holiday shopping season fast approaching it's a good idea to do a general checkup on your store to be sure it's ready for prime time. Below are a few things you would want to check, along with a few add-ons that are not too major in scope, but which are often neglected and give you an edge over your competition. Can you Search and Order? Every time we do anything major in a store we test two things: whether searching and adding to cart/ordering works. You can have nice, flashy pictures, cool animation effects, a very quick loading site, anything, but if the store search is broken or you can't add to the cart or can't check out then an ecommerce site is worth nothing. Can you Order? Chances are if your checkout was completely broken you'd know about it by now, but it doesn't have to be totally broken in order to scare away potential customers. So go ahead, go to your site and first do a search and make sure it works. Then, add one or more products

Adding custom Yahoo Store fields - Catalog Manager vs. Store Editor

In a non-legacy Yahoo Store, there are two ways to add custom fields: through Catalog Manager under "Manage my Tables" and through the Store Editor, under "Types" (the Store Editor's "Types" are essentially the same as Catalog Manager's "Tables".) Whether you add custom fields from Catalog Manager or from the Store Editor does make a difference as each has its advantages as well as disadvantages. Catalog Manager To me the main advantages of using Catalog Manager to add custom fields are: 1) You can add multiple fields quicker 2) You can later change the field's name and even type 3) You can delete the field if you no longer need it. 4) All the fields that are available in Catalog Manager are included in the data.csv file if you download your catalog. 5) All the fields that are available in Catalog Manager are also included in the catalog.xml datafeed file, which is used by the comparison shopping engines, for example. (See the Search