Magento 2.x Compare Products

Comparing products is the process of weighing similar products against each other before deciding which one to buy. When many products are available, buyers / customers can compare them on the basis of price, size, colour, discount and so on before making a purchase decision.

Magento 2 Compare Products generates a detailed side-by-side comparison of two or more products on the basis of price, size, colour, discount and so on, so that the customer can compare before making a purchase decision.


By default, the Compare Products block usually appears in either the left or right sidebar of a catalog page.

After comparing Product Logan Heatec Tee & Global Heatec Tee

Similarly, customers can add more products to compare.

Magento 2.x Enable & Disable Compare Products

Follow the steps below to enable or disable Compare Products.

[1] Go to STORES > Configuration, which opens the Configuration section.

[2] In the left panel, under Catalog, choose Catalog.

[3] Go to Catalog, expand the Recently Viewed/Compared Products section and follow the steps below.

Once the Recently Viewed/Compared Products section is expanded, it appears as below.

  • Set Show for Current to the website, store, or store view where the configuration applies.
  • In the Default Recently Viewed Products Count field, enter the number of recently viewed products to appear on the list. In the Default Recently Compared Products Count, enter the number of recently compared products to appear in the list.

[4] Finally, click the Save Config button.

Magento 2.x Enable One Page Checkout

Follow the steps below to enable Magento 2 One Page Checkout.

Step-[1] Go to STORES > Configuration, which opens the Configuration section.

Step-[2] Go to Sales > Checkout.

Clicking Sales displays multiple entries; click Checkout.

Step-[3] Clicking Checkout displays the checkout options shown in the image below. The following checkout options are given:

  • Enable One Page Checkout: Enabled by default. To disable it, the admin user selects No from the drop-down; One Page Checkout is then disabled.
  • Allow Guest Checkout: Enabled by default. To disable it, the admin user selects No from the drop-down; Guest Checkout is then disabled.
  • Display Billing Address On: By default Payment Method is selected. The drop-down offers two values:
    • Payment Method: If selected, the billing address is displayed on the payment method.
    • Payment Page: If selected, the billing address is displayed on the payment page.
  • Enabled Terms & Conditions: By default No is selected. If Yes is selected, the Terms & Conditions checkbox is displayed.
  • Maximum Number of Items to Display in Order Summary: By default 10 products are displayed. If a value greater than 10 is entered, more than 10 products are shown in the Checkout Order Summary.
  • Enable Address Search: By default No.

Step-[4] Click the Save Config button and run the Flush CLI command.

Magento 2.x Enable Captcha on Registration Form / Login Form / Contact Form / Forgot Password Form / Checkout Form

Magento 2 provides the following default forms, on which CAPTCHA must be enabled.

Recommendation:

CAPTCHA must be enabled on all of the forms listed below to protect against malicious mass creation of users and spam entries.

  • Applying coupon code Form
  • Create User Form
  • User Login Form
  • User Forgot Password Form
  • Contact Us Form
  • Change Password Form
  • Checkout as Guest Form
  • Register During Checkout Form
  • Payflow Pro
  • Send To Friend Form
  • Share Wishlist Form

Follow the steps below to enable CAPTCHA on all of the above forms.

[1]- Go to STORES > Configuration, which opens the Configuration section.

[2]- Go to CUSTOMERS > Customer Configuration.

Click the CUSTOMERS section and select Customer Configuration, which leads to the CAPTCHA section.

[3]- Go to the Forms section. Each CAPTCHA form field is described below.

Note: Each form field has Use system value checked; uncheck it if you want to modify the field.

[3.1] – Enable CAPTCHA on Storefront: Select Yes from the drop-down. Yes is selected by default.

[3.2] – Font: Select a font. LinLibertine is selected by default.

[3.3] – Forms: Select any form or set of forms from:

  • Applying coupon code Form
  • Create User Form
  • User Login Form
  • User Forgot Password Form
  • Contact Us Form
  • Change Password Form
  • Checkout as Guest Form
  • Register During Checkout Form
  • Payflow Pro
  • Send To Friend Form
  • Share Wishlist Form

Once a form or set of forms is selected, CAPTCHA is enabled on it.

By default, CAPTCHA is enabled on the User Login Form and the User Forgot Password Form.

[3.4] – Displaying Mode: There are two options, After number of attempts to login or Always.

By default After number of attempts to login is selected, which means CAPTCHA is displayed after a number of login attempts. That number is defined in the next step.

[3.5] – Number of Unsuccessful Attempts To Login: By default 3 attempts. If 0 is selected, CAPTCHA is always displayed on forms.

[3.6] – CAPTCHA Timeout (minutes): By default 7 minutes. Modify as the store requires.

[3.7] – Number of Symbols: By default 4-5. Modify as the store requires.

[3.8] – Symbols Used in CAPTCHA: By default a combination of capital letters, small letters and numbers (0-9).

Only a combination of capital letters, small letters and numbers (0-9) is allowed. Spaces, other characters and special characters are never allowed.

[3.9] – Case Sensitive: By default No is selected. Modify as the store requires.

[4]- Finally, click the Save button. The Magento 2 website / store User Login Form and User Forgot Password Form are now ready with CAPTCHA.

Once CAPTCHA is enabled, the website / store is protected against malicious mass creation of users and spam entries.


Magento 2.x Admin Security

Follow the steps below in Magento 2 admin to secure the Magento 2 Admin, so that only authorized users can access the system.

  • Go To Magento 2 Admin
  • Stores–Configuration–Advanced–System–Admin
  • Admin User Emails
The following three parts are given under Admin User Emails:

Forgot Password Email Template: Select the Forgot Password email template from the drop-down. By default it is Forgot Admin Password (Default).

Forgot & Reset Email Sender: Select the contact used to send forgot and reset password emails. By default it is General Contact, so forgot and reset password emails are sent to whatever email address is set for General Contact. Sales Representative or any custom contact can be selected from the drop-down list instead.

User Notification Template: Select the User Notification email template, which is the template used for all user activity email notifications to Admin.
  • Admin Base URL
The following three parts are given under Admin Base URL:

Use Custom Admin URL: Select Yes if the admin user wants a custom admin URL.

Use Custom Admin Path: Select Yes if the admin user wants a custom admin path.

Custom Admin Path: Provide the custom admin path name if the admin user wants one.
  • Startup Page
Once the admin user logs in to Magento 2 admin, the default redirect is the Dashboard page. If the admin user wants, another admin page can be selected for the redirect from the drop-down list, where all admin pages are given, as in the Dashboard drop-down list below.

  • Security
The following three parts are given under Security:

Admin Account Sharing: By default it is Yes, so an admin user can log in on multiple systems using the same admin user credentials. If it is No, an admin user cannot log in on multiple systems using the same admin user credentials.

Password Reset Protection Type: By default IP and Email. The admin user can instead select by IP, by Email or None from the drop-down list.

Recovery Link Expiration Period (hours): The password recovery link expiration period. By default 2 hours; if the admin user wants a longer period, the value can be set higher than 2.

Max Number of Password Reset Requests: Limits the number of password reset requests per hour. Use 0 to disable.

Min Time Between Password Reset Requests: Delay in minutes between password reset requests. Use 0 to disable.

Add Secret Key to URLs: By default Yes. If the admin user does not want a secret key added to URLs, No can be selected from the drop-down.

Login is Case Sensitive: By default No. If the admin user wants the login user name to be case sensitive, Yes can be selected from the drop-down.

Admin Session Lifetime (seconds): By default 900 seconds [15 minutes]. The admin user can modify the value, but it must be at least 60 seconds and at most 31536000 seconds (one year).

Maximum Login Failures to Lockout Account: By default 6, the maximum number of failed login attempts made with incorrect admin credentials. The admin user can enter a different value. This feature is disabled if the value is empty.

Lockout Time (minutes): By default the lockout time is 30 minutes. Increase as required.

Password Lifetime (days): By default 90 days. Increase as required. This feature is disabled if the value is empty.

Password Change: By default Forced. If the admin user wants to change it, Recommendation can be selected from the drop-down list.

With Forced, whatever strong password is given while creating / updating a password will be accepted.

With Recommendation, some strong password steps are displayed while creating / updating a password.
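
The Security settings above can also be reviewed outside the admin UI. The following is an added example, not code from the original page or from Magento: it audits exported setting values against the defaults and limits listed above. The admin/security/... configuration paths and the "path - value" input layout are assumptions to verify on your installation, and the sample input is constructed.

```python
import re

# Constructed sample (not from a real store), in the "path - value" layout
# assumed here for `bin/magento config:show admin/security` output.
SAMPLE = """\
admin/security/use_form_key - 0
admin/security/session_lifetime - 86400
admin/security/lockout_failures -
admin/security/lockout_threshold - 30
admin/security/password_lifetime - 90
admin/security/max_number_password_reset_requests - 0
admin/security/min_time_between_password_reset_requests - 10
"""

def parse(text):
    """Return {path: value}; a setting with no value maps to ''."""
    cfg = {}
    for line in text.splitlines():
        m = re.match(r"^(\S+)\s+-\s*(.*)$", line.strip())
        if m:
            cfg[m.group(1)] = m.group(2).strip()
    return cfg

def audit(cfg):
    """List settings that switch off or loosen a control described above."""
    get = lambda key: cfg.get("admin/security/" + key)  # assumed path prefix
    findings = []
    life = get("session_lifetime")
    if life is not None:
        if not life.isdigit() or not 60 <= int(life) <= 31536000:
            findings.append("session_lifetime: outside 60..31536000 seconds")
        elif int(life) > 900:
            findings.append(f"session_lifetime: {life} s exceeds the 900 s default")
    for key, what in (("lockout_failures", "account lockout"),
                      ("password_lifetime", "password expiry")):
        if get(key) == "":
            findings.append(f"{key}: empty, {what} is disabled")
    for key in ("max_number_password_reset_requests",
                "min_time_between_password_reset_requests"):
        if get(key) == "0":
            findings.append(f"{key}: 0, this limit is disabled")
    if get("use_form_key") == "0":
        findings.append("use_form_key: secret key is not added to admin URLs")
    return findings

if __name__ == "__main__":
    for finding in audit(parse(SAMPLE)):
        print("FINDING", finding)
```
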





Magento 2.x Differentiate Between Factory and Repository

| # | Factory | Repository |
|---|---------|------------|
| 1 | The factory pattern deals with how an object is created. | The repository pattern deals with creating a set of data access services, that is, CRUD methods. |
| 2 | A Factory model has very limited data. | A Repository model has all data. |
| 3 | A Factory is never recommended for saving a model. | A Repository is always recommended for saving a model. |
| 4 | If you are creating objects and filling those objects with data, use a Factory. | If you are creating objects and filling those objects with database data, use a Repository. |

HTACCESS mod_expires Module

When a user browses a website, the website's content is cached in the browser. This caching can be controlled by configuring Cache-Control HTTP headers for your website, which is done by adding mod_expires to the .htaccess file of your server.

If you don't use Cache-Control HTTP headers, you will have longer wait times when browsing your website. Each time your website is accessed without Cache-Control, a request has to be made to the server for each piece of content (images, HTML files, jQuery files, JavaScript files, CSS files and so forth) in order to load it.

The mod_expires module instructs Apache to generate Expires and Cache-Control HTTP response headers for the specified content types. Web browsers parse these HTTP response headers to determine how long to cache content on the client's machine.
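
How a browser turns those two headers into a cache lifetime is shown below, as an added example that is not part of the original page. It is a simplified reading of the HTTP caching rules (Cache-Control max-age takes precedence over Expires), and the header sets are constructed samples, useful for confirming that static assets are cached while sensitive pages are not.

```python
import re
from email.utils import parsedate_to_datetime

def freshness_lifetime(headers):
    """Seconds the response may be reused without asking the server again.

    Returns 0 when caching is forbidden or the response is already expired,
    and None when neither header states a lifetime.
    """
    h = {k.lower(): v for k, v in headers.items()}
    directives = [d.strip() for d in h.get("cache-control", "").lower().split(",")]
    if "no-store" in directives or "no-cache" in directives:
        return 0
    for d in directives:
        m = re.fullmatch(r"max-age=(\d+)", d)
        if m:
            return int(m.group(1))      # max-age wins over Expires
    if "expires" in h and "date" in h:
        try:
            delta = parsedate_to_datetime(h["expires"]) - parsedate_to_datetime(h["date"])
        except (TypeError, ValueError):
            return 0                    # unparseable Expires counts as expired
        return max(0, int(delta.total_seconds()))
    return None

# Constructed samples: a static image with both headers, the same image with
# Expires only, and a page that must never be stored in the browser cache.
STATIC_IMAGE = {
    "Date": "Mon, 06 Jan 2025 10:00:00 GMT",
    "Expires": "Wed, 05 Feb 2025 10:00:00 GMT",
    "Cache-Control": "max-age=2592000",
}
EXPIRES_ONLY = {k: v for k, v in STATIC_IMAGE.items() if k != "Cache-Control"}
ACCOUNT_PAGE = {"Cache-Control": "no-store, no-cache, must-revalidate, max-age=0"}

if __name__ == "__main__":
    for name, hdrs in (("image", STATIC_IMAGE), ("expires-only", EXPIRES_ONLY),
                       ("account", ACCOUNT_PAGE), ("no headers", {})):
        print(name, freshness_lifetime(hdrs))
```
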