Basic Steps to Take After a PrestaShop Installation

Once you have completed the installation of our Prestashop website and created your online store, you will need to set up and customize your store to make it operational. The following steps will have to be completed after your PrestaShop installation:

1. Maintenance mode
2. Configuring languages
3. Organizing your catalog
4. Creating pages with static content
5. Setting up a payment method
6. Setting up a shipping method
7. Adding your logo
8. Choosing a theme
9. Adding and activating modules (slideshows, related products, etc.)
10. Secure Your PrestaShop

Also read:

Basic Steps to Take After a PrestaShop Installation

How to install PrestaShop on a Live Website
 
Manage Products in PrestaShop

Now lets go with our recommended and essential (but not exhaustive) steps to set you on the right track!

1. Maintenance mode

This option lets you work on your store in peace and quiet. Your customers will see a page letting them know that you are making changes to your e-commerce site. This mode lets you carry out tests and changes without your clients noticing, giving you a real view of your store. To enable maintenance mode in PrestaShop, follow these steps:

  1. Log in to PrestaShop as the administrator.
  2. On the top menu bar, click Preferences, and then click Maintenance.
  3. Under Enable Shop, click No. This setting takes your store offline.
  4. In the Maintenance IP text box, type the IP address or addresses that you want to allow to access the store while it is in maintenance mode.
  5. Click Save. Now when you visit PrestaShop from an authorized IP address, it displays normally. All other site visitors, however, receive a PrestaShop maintenance message in their web browsers.

Some modules let you add a countdown to your maintenance mode, for example by installing “Maintenance with countdown mode module”. This can be handy if you want to promote a store launch campaign before it goes online.

Also read:

osCommerce Installation and Initial Setup

osCommerce Security Tutorial

How to login to Magento admin backend

Magento Store configuration

Magento Website Optimization Tips

Magento Website Security Tutorial

2. Configuring languages

If you want to sell abroad, you must translate your store into various languages so that each visitor can understand your products and make purchases.

Add a language to your store and remember to translate all your categories and products.

You can find out more information that will help you configure languages in your e-commerce site’s back office.

Read also:

How to install OpenCart on a live server

How to install an Opencart template

Important Steps After an OpenCart Installation

3. Organizing your catalog

This is the most important part of your store.

Structuring your catalog, drafting product descriptions, choosing photos for your products: all of this is important and must be well thought out.

The first step in creating your catalog is to create categories and sub-categories. Think about your store’s current structure and the changes that you might want to make.

This will keep you from having to reorganize your catalog completely in a few months.

Try to stick to top-level categories and avoid “sub-categories of sub-categories” if you can since they add a step when searching for a product.

If you have a large catalog, remember to set up a rich menu and faceted navigation.

Then, you need to add your products. Describe them in as much detail as possible and add several photos.

The product page should include search engine keywords to help bring you more traffic.

You should also pay attention to the quality of product photos, which is extremely important for online buyers.

4. Creating pages with static content

The Ts & Cs or “Terms and Conditions”

These are important because they define the “rules” of your online store.

Orders, deliveries, payment, withdrawal and all your store’s other rules must appear on this page.

Generally located in the footer, your customers must acknowledge them when they pay for their order.

Take the time you need to draft them.

Other recommended pages

  • About us: your customers do not know you, and you are a stranger to them when they arrive on your store. The "About us" page lets you introduce yourself, share your values and inform your customers about the products you sell. Make sure to create a complete, informative "About us" page!
  • Contact form: your contact page is the form that connects your customers to you and lets you interact with them. This is how they can contact you and how you can help them and answer their questions. Whip up your contact page in a flash!
  • The Secure Payment and Delivery pages already exist on PrestaShop. Simply edit them and adjust them to fit your store.

For more information, let this article inspire you and create other static pages for your PrestaShop store.

5. Setting up a payment method

You must offer your customers a payment method if you want them to pay on your site. You have several options such as:

  • E-wallets where you can open an account in a few hours and let your customers pay by card or account details.
  • A contract with your bank where payments are credited directly to your bank account, but the setup may take longer.

Find out how to set up your payment methods.

6. Setting up a shipping method

To set up a shipping method, you must decide which carrier you want to work with.

Don't forget that different countries have different habits!

Then, set up price or weight bands so you can adjust shipping fees according to the products you sell and the choices you make (for example, free shipping over $100).

Take the time to create good carrier rules.

7. Adding your logo

Once you have finished with the first steps in your back office, you will need to think about your store’s appearance, which is very important for your online sales business.

You should add your logo, which will appear on your store, your emails and your invoices.

Take your time creating it. It must suit your store’s activity.

8. Choosing a theme

You will also need to choose and install a graphic design theme that will set your store’s appearance and user experience.

Carefully consider what you want for your store.

Choosing a theme is a personal choice that must fit the image you want your business to put forward.

9. Adding and activating modules (slideshows, related products, etc.)

When you launch your store, certain features (also called modules) are active, such as demo images or text. You need to configure them so that they fit your store.

For example, you will need to add images and links in your slideshows and configure your related products and social sharing modules with your information.

You have a lot of options that take just a few minutes to set up on your store.

Find out how to activate modules.

10. Secure Your PrestaShop

How to improve the PrestaShop security

In this tutorial we'll make some suggestions on how to secure PrestaShop. We'll start with some more general tips that can be applied to other web applications as well, and then we'll go over security settings that are integrated into PrestaShop and can be configured from the admin panel.

Block Access to Admin Directory

By default, when you install PrestaShop you're required to rename the admin directory with a name of your choice. This is in itself a security measure and you should choose a name that is not easy to guess. Once you have the admin directory renamed you can block access to it for all IP addresses except yours. In this way only you will have access to the admin directory and this will improve the security of your store's backend. Of course, you can also give access to other IP addresses in case you want to let other people access the backend.

You can restrict access to the admin directory by putting an .htaccess file with a rule in it in the admin directory.

Admin Password

Choose a complex administrator password. Use a random combination of upper and lower case letters, numbers and symbols; it should be at least 8-10 characters long.

You can change your password from the backend of your store. After you log in click on the My preferences button that's next to your name, just above the tabs. On the page that opens type your new password in the field for Password, and click on the Save button:

Changing Admin Password

If you have some doubts that someone is trying to use your administrator account, you should change the password. The same should be done after you recover your site from a security issue.

Backup

You should back up regularly your PrestaShop files and the database used by the application. It's very important to do this, so you can restore you site if something goes wrong. It's also a good idea to keep backups from different dates (e.g. from two weeks ago, from a week ago, etc.). You can back up the files by downloading them with an FTP client, and you can back up the database using phpMyAdmin. For more information read the tutorial on how to back up your site.

You can also back up the database from the backend of your PrestaShop store (Tools tab>DB Backup sub-tab).

Update

Another general advice is to update PrestaShop when there's a new stable version. It might be a bit difficult to update a shop to which you have made a lot of changes and modifications, especially if the shop is a big one, but updates have various improvements, including in terms of security.

Database

You should install PrestaShop in a separate database. If you have other web-based applications, it's recommended to install each in a different database. You should also use a different username and password for each database. From the Databases section of the cpanel control panel you can create as many databases as you want, and you can assign a user to each.

When you install PrestaShop you can also change the default ps_ database table prefix to something else (e.g. tpwmk_).

File Permissions

Make sure that the files and directories on your PrestaShop hosting account have the correct permissions. The appropriate permissions for directories are 755 (rwxr-xr-x) and for files 644 (rw-r?r--).

What's most important in this case when it comes to security is the last digit in the permissions. It represents the permissions for all the visitors. You should never have world-writable permissions such as 777 or 666.

The Files section of the cPanel control panel also offers a tool that you can use to fix incorrect permissions. Just click on the button Fix Incorrect Permissions that's on the right side of the screen, and it will fix the world-writable bit, if any.

Add-ons

Generally, third party software provides additional security risks. Sometimes sites are hacked through insecure third party software. So you should install only add-ons and modules that you need and are useful for your store. If there are any modules that you don't use and need any more, you should uninstall them.

Disable Dangerous PHP Functions

There are some PHP functions that you don't need for your store and that can pose security risks. They can be disabled by putting a rule in the php.ini file for your account. This is what the rule looks like (with some sample functions):

disable_functions = proc_open,phpinfo,show_source,system,shell_exec,passthru,exec,popen

Block Access to Template Files

You can protect the template files of your PrestaShop by forbidding access to them. You can do this by putting the following rule in an .htaccess:

<Files *.tpl>
order deny,allow
deny from all
</Files>

You can use the .htaccess file that's in the root PrestaShop directory on your hosting account. For example, if your PrestaShop is installed in a folder called prestashop in the root public_html directory of your account, the path to the file would be public_html/prestashop/.htaccess. You can use the Files section of the cPanel control panel to edit the file. Just insert the rule on a new line in the file, at the end of it, for example.

If you have generated an .htaccess file from the backend of your store (Tools tab>Generators sub-tab), there should be such a file in the root PrestaShop directory on your hosting account. Otherwise, you can either generate an .htaccess file from the backend of your store, or you can create the file from the Files section of the Pixie control panel (there's a Create File button on the right).

Keep in mind that if you regenerate the .htaccess file from the backend of your PrestaShop some time after you have added the above mentioned rule, it will be overwritten and you'll have to add it again.

SSL Encryption

SSL is a protocol that encrypts the data transfer between the server and the client. In PrestaShop it helps to protect sensitive data such as the login details and the order processing. In order to use SSL with your PrestaShop you need a private SSL certificate. Todhost clients can purchase a private SSL certificate.

To enable SSL for PrestaShop, follow these steps:

  1. Log in to PrestaShop as the administrator.
  2. On the left sidebar, click Preferences, and then click General.
  3. Next to Enable SSL, click Please click here to check if your shop supports HTTPS.
    If the SSL test for your shop succeeds, the Enable SSL field displays YES and NO options, and the URL in the browser address bar starts with https://. Alternatively, if you receive a warning message (or any other type of error message) after the test, your site either does not have an SSL certificate installed, or it is configured incorrectly.
  4. To enable SSL for customer account logins and order processing, next to Enable SSL, click YES.
  5. To enable SSL for all of the pages on your PrestaShop site, next to Enable SSL on all pages, click YES.
  6. Click Save. SSL is now enabled for PrestaShop.
    After enabling SSL, you and your customers may receive browser warnings about insecure content. This occurs when a secure page loads embedded resources insecurely using http:// instead of https://. (Custom themes are a common cause of this problem.).

Using Let's Encrypt with PrestaShop

Using an SSL certificate from a recognized Certificate Authority is recommended for best results when enabling SSL for PrestaShop. Let’s Encrypt is a free, automated, and open certificate authority and is recognized by most modern browsers. Let's Encrypt is supported for all new Todhost Hosting accounts and certificates may even be generated automatically for immediate use.

Enabling SSL

Check IP on Cookie

A cookie is used by the site (server) to store information on the client side (the local computer of the user). This information is used for various things: to identify the user's session, shopping cart content, etc.

The Check IP on Cookie feature is integrated into PrestaShop. You can enable and disable this setting from the backend of your store. It's enabled by default. In this way the IP address of the user is checked with that in the cookie. This is done to make sure that the cookie is not stolen/hijacked. Make sure that the setting is enabled. Log in to the backend of your store, click on the Preferences tab and check that the option Check IP on cookie is set to Yes:

Check IP on Cookie Option

Enable Security Tokens

Another feature of PrestaShop that improves its security is the use of security tokens. This option is also enabled by default, and it's recommended to keep it enabled. To check that it's enabled, go to the Preferences tab of your store's admin panel and make sure that the option Increase Front Office security is set to Yes:

Security Tokens Option

Ciphering Algorithm

In PrestaShop ciphering is used to secure account details. From the backend of your PrestaShop you can choose between two different ciphering algorithms. One is Rijndael with mcrypt and the other is the custom BlowFish class. To change the ciphering algorithm, click on the admin panel's Preferences tab, then on the Performance sub-tab, and scroll down to the section Ciphering. By default, the algorithm is set to Rijndael with mcrypt:

Ciphering Section

There are different opinions on which one is more secure. However, it's doubtful that switching between the two algorithms will have any impact both on the security and performance of your store, but it's good to have some choice and to know about this feature. Keep in mind that switching the algorithm will clear all cookies, meaning that all logged in users will be logged out.

Geolocation by IP Address

This is an option that might be more useful for other purposes than to be used as a security measure per se. For example, if you want customers only from certain countries to be able to visit your store and buy from it. Nevertheless, if you want to restrict the access to your store for users from certain countries, you can do it by using this PrestaShop feature. Visitors are identified as accessing the store from a particular country based on the IP address of their computer.

To configure this feature, log in to the backend of your PrestaShop, click on the Preferences tab and then on the Geolocation sub-tab. Before you can enable the setting you have to download an archive using the link provided at the top of the page:

Geolocation Sub-tab

After you download the archive to your local computer you have to unzip it and upload its content to the folder for the geolocation tool on your hosting account. For example, if your PrestaShop is installed in a folder called prestashop in the root public_html directory on your hosting account, the path where you have to upload the content of the archive would be public_html/prestashop/tools/geoip.

After that go back to the Geolocation sub-tab of your PrestaShop, set the option Geolocation by IP address to Enabled and click on the Save button. On the same page there's a list with all the different countries. The checkbox in front of each country is marked which means that all have access. To restrict the access for visitors from a particular country just unmark the checkbox for that country.

From the drop-down menu Geolocation behavior for restricted countries you can select what the visitors from these countries are allowed to do. You can either allow them to see the catalog without being able to place any orders, or you can completely restrict their access to the catalog. Don't forget to click on the Save button if you make any changes.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to install PrestaShop on a Live Website

Further reading: Basic Steps to Take After a PrestaShop Installation How to Backup and...

Manage Products in PrestaShop

In this post, we cover all aspects related to adding, editing and the entire product management...

PrestaShop Store Configuration Tutorial

Once you have your PrestaShop store successfully installed, you should settle down to properly...

PrestaShop Store Management Tutorial

Here we take a detailed look at the various actions and steps required to setup a PrestaShop...

How to Backup and Restore a Database in Prestashop

PrestaShop is a php/MySQL driven application which relies on its database for storing different...