PCI Compliance Scans Are Flagging Non-compliant Versions Of Miva Merchant
Up until now it seems that even non PCI Compliant versions of Miva Merchant were not getting flagged by some PCI Compliance scannig agencies such as SecurityMetrics. We came across a site that was being flagged as having ‘Possible blind sql injection’ and it was followed by a bunch links to the merchant Miva Merchant store. Often times the PCI Compliance scanners do raise false positives and in fact this is one of those times but simply running the latest streaming update from Miva within the Miva Merchant admin allowed this site to pass the scan. Your other option is to contact your PCI scanning company and alert them that this is a false positive and hopefully they comply. You should check with a Miva specialist to make sure the streaming updates will not conflict with any modules or customization that have been made to your store. It is also good practice to check that your additional modules are updated to the latest versions as well.
ALERT: Security Metrics PCI Compliance Scanning is now picking up on non-compliant versions of Miva Merchant.
SOLUTION: Stream the latest Miva Merchant updates from the Miva Admin (If it has been a while since the last time you ran the updates and your store is customized you may want to check with your web master or Miva Specialist before running the updates).
Problem Summary per Security Metrics:
Possible blind sql injection on http://www.domain.com/Merchant2/merchant.mvc?Category_Code=100&Current_Product_Code=&Store_Code=NTFL&Screen=OINF&Offset=&Attributes=Yes&%3FAction=ADPR style=”display: none;”> wp –bsql “http://www.domain.com/Merchant2/merchant.mvc?Category_Code=100&Current_Product_Code=&Store_Code=NTFL&Screen=OINF&Offset=&Attributes=Yes&%3FAction=ADPR” “http://www.domain.com/Merchant2/merchant.mvc?Category_Code=100&Current_Product_Code=&Store_Code=NTFL&Screen=OINF+and+1%3D1&Offset=&Attributes=Yes&%3FAction=ADPR” “http://www.domain.com/Merchant2/merchant.mvc?Category_Code=100&Current_Product_Code=&Store_Code=NTFL&Screen=OINF+and+1%3D0&Offset=&Attributes=Yes&%3FAction=ADPR” POST cat <<EOF > bsql.sh curl -L -d “Category_Code=100&Current_Product_Code=&Store_Code=NTFL&Screen=OINF&Offset=&Attributes=Yes&%3FAction=ADPR” “http://www.domain.com/Merchant2/merchant
Read the official Google SEO starter guide
Google has a downloadable PDF titled ‘Google’s SEO Starter Guide’. It explains many of the basics and fundamentals that every website owner, web developer, and web designer should know. This is the official Google SEO starter guide by Google and not some SEO firm that claims to have the magic bullet.
Download it print it, grab a cup of coffee sit in a nice comfy chair and read away and of course make sure you apply these principles to your Miva Merchant Store.
Google SEO Starter Guide PDF Download
In case you would like to read this in another language use this link Google SEO Starter Guide in other languages
Support Disaster Relief in Haiti
On January 12, a 7.0 magnitude earthquake struck Haiti. Join recovery efforts mobilizing around the world to assist earthquake victims. Your donation will help disaster victims survive, and rebuild their lives and their communities. With this link you can donate money to appropriate organizations specifically for “Haiti Disaster Relief” Google is also donating $1 million to help organizations provide relief.
This link on CNN gives you a list of organizations that you can send donations to or volunteer.
Please be kind and compassionate to your fellow human beings. This money will go to prevent people from dying RIGHT NOW from simple infections and other preventable causes.
Allow Email Address As Login Name
You can allow customers to use their email address and special characters in their login name. Read more
SEO basics explained by Matt Cutts of Google
There are many misconceptions about search engine optimization. It seems that anyone that has ever worked with a website has theories on how to rank well in search engines like Google. Remember just because someone claims to be an expert in SEO (Search Engine Optimization) does not mean they really are. There are far more misconceptions and unproven theories about SEO than you might think.
You should really consider the source when taking advice from so called SEO experts, be skeptical, and always research before spending time and/or money making changes on your website for SEO value.
An engineer from Google, Matt Cutts, answers some questions about Google search engine SEO basics and some misconceptions in this video. You should also check some of the other videos I posted of Matt Cutts.
Make Your Miva Merchant Store Extremely SEO Friendly
Finally, there is a list of SEO recommendations to implement on your Miva Merchant store to make it more appealing to search engines when they crawl your site. Miva Merchant is not completely search engine ready straight out of the box. The Miva Merchant SEO recommendations made here are my opinions based on 10 years of experience working with hundreds of Miva Merchant stores. There is no guarantee that implementing these changes on your site will get you top search engine listings because that is mostly dependant on you and your content and of course your competitors but I will guarantee that using these techniques will get you better search engine rankings than you have now. Read more
Add a Miva Search box to any miva page
You can add a search box to virtually any page in Miva Merchant and it is very easy to do. You will have to have a little knowledge of Miva
page templates and a teensy bit of html.
Here are the instructions:
- Figure out where you want to add the search box
- Log into your Miva Admin
- Find and edit the appropriate page or section of Miva that you want to add the search feature
- Add the following code but make sure you do not add this code within a different form:
<form method=”post” action=”&mvt:global:sessionurl;”>
<input type=”hidden” name=”Store_Code” value=”&mvte:store:code;”>
<input type=”hidden” name=”Screen” value=”SRCH”>
<input type=”text” name=”Search” size=”40″ value=”Search Our Products”>
<input name=”" type=”button” value=”Search” />
</form> - You can customize the button value and the search field value to your personal preferences
Enter to win a Free Year of all inclusive Miva Merchant Web hosting with morditech here
Contest for 1 Year of Free Miva Merchant Hosting – no purchase required
we are hosting a contest for free Miva Merchant Silver web hosting for the rest of the year.
There is no purchase necessary to apply and no fees or any other charges.
Here are the rules:
- You must presently have a Miva Merchant Store and be willing to transfer it to Morditech if you win and are not already hosted with us.
- You must use your real name and email address and have the authority to transfer this domain if you win.
- 1 entry per store. A merchant with multiple stores can enter multiple times.
- The store that wins is the store that must be used for the free account. You cannot substitute a store with a different domain.
- The winner must transfer the store within 1 month of winning the contest. Don’t worry; we will transfer the store for you so you do not have to worry about the technical stuff.
- The winner will be picked electronically at random. We will post the winning store on our contest page and contact them on or after February 1st, 2010.
- We reserve the right to change the rules at anytime. We will only change the rules if it is absolutely necessary and to make sure the contest is fair for all applicants.
- Every live Miva Merchant store on any web host including Morditech is eligible to enter this contest.
Miva Merchant and Blogging with WordPress
A great quick way of getting crawled by search engines is to create a blog with wonderfully originally content.
If it seems like you have done everything you can yet you are still not getting crawled as often as you would like then you should add a blog to your website. Blog’s have a tendency to get crawled quickly especially if you submit a sitemap to the major search engines every time you post a new article. Often times your new articles and posts will get crawled that day.
I recommend WordPress because it is very SEO friendly straight out of the box as they say and it is absolutely free. We allow you to add WordPress automatically through our control panel. WordPress is extremely easy to use and you can add media such as images, videos, links to video etc. It has a WYSIWYG (what you see is what you get) interface option for those that do not know how to code in HTML.
Remember original content is always king. Since you can categorize your posts and links in a blog it is usually ok to post about ‘off topic’ subjects which really broaden your keywords and phrases. If you are trying to sell products on your site then you should stay away from controversial subjects. Don’t make it all off topic though. You do want to post articles that are relates to your Miva Merchant store and to your products and categories. The purpose of a blog is not only to get crawled but to create interaction with people that are browsing your site. If you post interesting material then you will get visitors and comments from your visitors.
The more frequently you post the better and put links to your products or categories whenever possible so that your Miva Merchant store is crawled when your blog is crawled.
Good luck, have fun and POST!
Morditech offers WordPress webhosting. Contact us for more information.