Dec 09 2016
skeletons in your code

Are There Skeletons in Your Magento Site?

Have you ever wondered whether your Magento site is as good as it could be? Many ecommerce professionals do. Consider this: There are hundreds of Magento developers, thousands of Magento extensions, and countless ways to configure your Magento site. What’s more, developer skills vary widely, as does the experience of the third parties who build those extensions. Add to that the complexity of an open source ecommerce platform, and it’s easy to see why many of the 250,000 Magento sites aren’t functioning as well as they should be.

Was Your Site Built Using Magento Best Practices?

If your site is slow, if your system crashes frequently, or if you have difficulty making upgrades or deploying new features, your ecommerce store probably wasn’t built with Magento best practices in mind. Shoddy development can lead to performance issues that wreak havoc with your KPIs. What’s more, security vulnerabilities could expose you to a data breach, which could harm your customers, and damage your brand’s reputation.

How To Fix A Bad Magento Site

To fix a vulnerable Magento site, you must understand where it’s weak. You can do this by retaining an agency to conduct an audit of your code and systems. More than a mere kick of the tires, the audit is akin to having a mechanic conduct an inspection of your car. It consists of an analysis of how your site was built, which third-party applications it’s running (everything from a simple email marketing module to a complex order management system that makes real-time requests via the Magento API), and where the vulnerabilities lie.

At Blue Acorn, the code portion of the audits is conducted by a certified Magento developer and typically takes about 30 hours to complete. Over the course of the audit, the developer will compare your Magento instance with the software as it was originally delivered—in other words, without customization. The developer will compare this “vanilla” software to your core files, database, templates and front-end assets, and modules. He or she will then assign a letter grade to the purity, quality, and impact of each of these four components. The final deliverable is a report that will act as your blueprint for moving forward, prioritizing critical fixes and highlighting the issues you can safely ignore.

Common Problems An Audit of Your Magento Site May Reveal

Over the years, Blue Acorn’s Magento developers have conducted scores of audits, and they usually uncover multiple problems for any given site. To give you an idea of what those are, we asked our developers to share the ones they see most often during the code portion of an audit.

The Seven Most Common Problems With Your Magento Site:

  • Dangerous coding practices. Here we are looking for any altered or incorrectly overridden core files and improperly managed themes. We’re also checking for things like raw SQL queries and database calls. Not only are these poor coding practices that add unnecessary expense to future development, but they may represent a very straightforward exploit vector that could lead to stolen customer information.
  • Process issues. We often find that the client who commissioned the audit doesn’t fully understand their processes; there are almost always gaps and misunderstandings. Clients usually learn a great deal from our audits, but even then there are usually holes in our knowledge that we discover as the relationship develops.
  • Functionality gaps and outstanding defects. Audits tend to run sites through their paces, and are a prelude to a ton of server changes. The process can get pretty painful, and it makes everyone hyper-aware of problems. As one developer said, “I’ve had clients swear they used a feature yesterday that hasn’t actually worked in months. It’s human nature.”
  • Server tuning. Code audits highlight some of the differences between your current setup and a preferred setup. We find the performance that some clients are leaving on the table quite surprising.
  • Application flaws. Our audits tend to focus on third-party development work, usually with an eye toward evaluating performance. A few poorly-optimized lines of code can mean the difference between a fast Magento site and a slow one. The good news is that poorly performing sites benefit tremendously from light refactoring in the right areas.
  • Complex code. Overly complex code, or code that has technical debt, isn’t inherently wrong, but it can drastically affect development costs.
  • Security vulnerabilities. Missing patches, insecure code, and outright malicious files can lead to site outages, loss of customer data, or even full control over the site by hackers. We identify which patches are missing or necessary, and ensure vulnerable code is identified for correction.

Choosing An Agency

If you’re looking for an agency to conduct a code audit, prioritize thoroughness as well as Magento experience. And ask for a sample of the deliverable report. We’ve had clients tell us they paid for an audit from another agency but didn’t receive the results in writing.

Over To You

Do you have questions about the integrity of your Magento site? Ask a question below and our experts will answer it.

Matthew Rickerby

Head of Marketing

Matt began his career in ecommerce at Blue Acorn over seven years ago. His areas of expertise include persona development, account-based marketing, and content marketing. He has co-written speaking sessions for Bronto Summit, DIG South, GIANT, and Revolve, and received multiple awards for videography, blogging, and copywriting.

One Comment

Pragati Udyog
Dec 12 2016

I am developing e-commerce site using Magento. Hope this information helps me to develop the good websites. Thank you for sharing.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.