ArchiveCategory: Magento Enterprise

CEO Mark Lavelle talks about Magento’s Future

Magento is the most robust and flexible platform for merchants undergoing digital transformation. As Mark discusses, there’s a shift toward investment in digital technology to drive overall enterprise strategy. And, Magento is the only independent company delivering solutions to SMB and mid-enterprise merchants wholly focused on commerce! If you’re curious about how Magento can help transform your business, please contact our team!

Preparing for a Migration to Magento 2

migration to magento 2 considerations

A migration to Magento 2 requires a well prepared execution strategy. A smooth transition is key and not every business is prepared for that.

Once you’ve decided that migrating to Magento 2 is the right choice for your company, it’s vital not to rush through the migration process. A poor migration could directly impact your bottom line due to confused and unhappy customers. Time spent formulating an execution strategy is critical to your success. 

Take your time and do it the right way by ensuring the following factors are top of mind in preparation for migration.

  1. 1. Data for a Magento 2 Migration

From customer data and order history to product data and store configuration, migrating your data is an important step in moving to Magento 2. Companies should note that this process gets more complicated with large amounts of data. What can be particularly challenging is migrating different types of product data, whether its a simple product, bundled product, or configurable product. With larger stores and customer history to consider, the time invested here can increase exponentially.

  1. 2. Integrations for a Magento 2 Migration

The number and level of integrations with third-party applications should be considered for migration. Luckily, Magento 2’s flexible architecture supports a variety of integrations. To ensure a smooth transition, companies should consider their current integrations and determine whether they still need them or are able to consolidate in to newer, more robust applications. We call this Application Rationalization where we’re able to simplify your application architecture. 

When it comes to the best integrations, do your research. Is there an integrator that already exists for Magento 2 or will you need to create it? Furthermore, how many integrations exist on your current website? The more integrations you use, the more complex the migration process will be.

  1. 3. Extensions for a Magento 2 Migration

In general, the more customization you want, the more development you will have to do. Thanks to the Magento Marketplace, an online store where you can purchase and download the latest versions of popular extensions, there’s a good chance a Magento 2 version of your favorite extension is available for download. However, since the platform is so different from its predecessor, it requires careful consideration when evaluating functionality.

To determine the best course of action, review the features in your current store and determine if there are current versions of those features in Magento 2. If not, you may need to wait for a version release to support Magento 2 or develop your desired feature from scratch.

  1. 4. Themes and Customization for a Magento 2 Migration

The new frontend technologies available on Magento 2 offer merchants a brand-new approach to theming and customization. However, theme and code customization are not transferable from Magento 1 to Magento 2. To take advantage of the changes in Magento 2, developers will need to rework their current code.

Consider which design aspects of your current store you would like to replicate and which design aspects you would like to recreate. While this aspect of migration might be tedious, it will force you to rethink and redo things, ideally leading to more improved usability and increased conversion.


If you decide you are ready to make the switch, ExpandLab is happy to help. Contact us to learn more about how our team of Magento Certified experts can improve your eCommerce site.

3 Considerations When Going International on Magento

Going International on magento Magento International Expansion

How do you prepare when traveling internationally? Between informing your bank to reading up on local cultural idiosyncrasies to ensuring you understand conversion rates, there’s a lot that goes into a two-week vacation for a family of four.

So don’t expect your online retail business to simply drop a router in England and start selling products.

There are a range of variables that eCommerce companies need to consider before they can meaningfully expand into overseas markets. From technical, cultural and logistical perspectives, online retailers must ensure they are prepared before they embark on a global business journey.

At ExpandLab, we’ve been dealing with several issues with clients who have expanded to overseas markets. Below are our top three potential difficulties eCommerce companies will run into when they venture off into foreign lands, and how Magento can help solve for those issues.

1. Language

Language is as much about culture as it is about the actual words being used. While Google Translate may have gotten you a pass for your college Spanish class, it won’t pass the sniff test for a professional online store. Luckily, partnering the right team with Magento’s capabilities will make this a smooth transition.

Additionally, within a certain language, there can be many different dialects. If a company uses the same language coding in Spain as they do in Mexico, customers will be confused and unable to understand key messages behind your brand. Plus, it makes anyone look foolish and unprofessional when using the wrong syntax to communicate with a customer base. Although all of this is more time consuming from a technology perspective, it’s vital to ensure customers will actually be able to understand, and then more likely to purchase, your product.

2. Shipping

The logic behind shipping varies from country to country and region to region. Once a company has established a fulfillment center in a certain country, like Germany, they need to determine how that dispersed shipping will work when shipping within Germany, and how that varies when shipping to other locations like Italy and England. Magento helps solve for these issues by having a huge backlog of data with updated price points for shipping costs.

Because these costs can vary so substantially, a robust understanding of these shifting expenses needs to be completely integrated into your product’s final price. According to a study by WorldPay, over 50 percent of consumers will abandon the checkout process when presented with unexpected costs. Even if your shipping prices can’t compete with local retailers, a consumer will often pay more than you think for shipping a unique item.

3. Duty Fees

This is another cost companies need to carefully consider when pricing their goods in different countries. Some regions will have more than ten line items companies need to include when shipping their goods internationally. Is it best to present these to customers as one single fee or would it better to list them individually? Some countries have Value Added Taxes (VATs), creating another unique coding problem.

The other issue is that these fees are not stagnant. Companies need to ensure they have a team that monitors for increases in tariffs and other fees so their technology can be quickly updated to reflect any changes in costs. We’ve found Magento makes these changes simple and easy to implement. ExpandLab also uses a tool called Avalara that monitors for these types of changes and provides real-time updates so there are no surprises in store for clients.

Going global isn’t simply a matter of flicking a switch. But by keeping the above considerations in mind when building an oversea presence, the benefits are clear and powerful. From untapped markets to greater exposure to favorable business climates, international growth can be a real bellwether for eCommerce companies to take their businesses to the next level.

But to be successful, online retailers need a team that understands the nuances of how a platform like Magento can be used to grow their business and keep the ship sailing smoothly. Our team at ExpandLab has the experience and tools to make your international outreach as simple as possible and extremely lucrative.

CPG Companies Have Every Reason to Love Magento


ExpandLab has a crush on Magento. That’s because it’s flexible enough to be applied to many different companies and we know how to push its buttons to make it work for us.

And that’s the genius of the platform: it has the capability to ensure websites are easy to navigate, organized in terms of stock content, and logical in terms of flow to the checkout for just about anyone.

More specifically, Magento is ideal for Consumer Packaged Goods (CPG) companies. Why? Because it allows them to cut out the middlemen. Traditionally, CPG companies sell to retailers who sell their products to consumers. But Magento allows CPG companies to build their own eCommerce platforms that are much more cost-effective in the long run. The software is also inexpensive enough that companies can test the service without breaking the bank, making it a low entry point to experiment.

While WordPress is the most popular Content Management System (CMS) with more than one-fifth of websites built on it, Magento is the most popular platform for eCommerce websites. Many big brands including Lenovo, Samsung, Vizio, Nestle and Nike use Magento. It holds the largest piece of the eCommerce market with 26 percent share due to its features.

The following three points explain our crush further and make clear why a range of businesses choose to use Magento, rather than industry “leaders” such as Oracle, IBM and SAP Hybris. Depending on your business needs, you can use Magento’s Free Community edition or a feature-reach Enterprise edition for an annual fee; both of which are open source. As our Director of Software Development, Eddie Spradley, says: “Open Source has become not only an acceptable answer to the world’s commercial marketing challenges, but its also become the strategic paradigm. In other words, open source is the new “black.”

1. The total cost of ownership of a website on Magento is cheaper than competitors. Depending on what level of customization you need in an eCommerce store, Magento can cost anywhere between $20,000 and $100,000 to build your eCommerce capability, in addition to maintenance down the line. This may sound like a lot, but the competitors mentioned above are much more expensive. SAP Hybris starts at $54,000 for the basic model. Oracle is over $500,000 for the first year with $110,000 for each following year, and IBM WebSphere runs into seven figures when you factor in design and implementation.

2. Magento has a faster deployment time than competitors. Building a house and making it home are two different things. It’s the same way building an eCommerce website. Beyond the initial setup, companies need to focus on areas to improve the user experience and interface to make it a revenue-generating website. That said, an eCommerce website can be completed in 8-12 weeks using Magento, while the other competitors mentioned can take many months.

3. Magento makes a website highly flexible to adapt to ongoing business needs. Since Magento is an open-source platform, it’s easy for website owners and developers to make changes in source code. Additionally, its powerful structure and user-friendly nature help improve store accessibility. Magento also provides good marketing, a participative community, as well as a genuine and innovative outlook. Beyond these features, the software has the ability to integrate with robust ERPs, has integrated Google Analytics, built-in SEO functionality, and integrated sales and store tracking.

One big CPG brand is already moving into this space: Nestlé. The world’s largest packaged food company has a new focus on direct-to-consumer, with eCommerce sales now accounting for 5 percent of total sales, up from 2.9 percent in 2012. The company has gotten the message that the consumer market is ripe for disruption and the vehicle to get yourself in the middle of it is eCommerce. Other entrants include Unilver, which recently bought Dollar Shave Club for $760 million, and Proctor & Gamble, which launched its own online subscription service.

Whatever size company you have, we believe Magento is the right choice for building and maintaining a successful eCommerce platform. It allows for the integration of additional functionality into its software by giving seasoned professional coders the ability to craft something more bespoke and tailored for the future.

Magento 2 SSO Solution Using JWT? Wow, That Was Easy

By Edwin Spradley


“The two systems need to be integrated.” As a merchant in the e-commerce space, this can be a very unsettling realization. You think back to your last systems integration when your e-commerce agency far exceeded both the agreed upon timeline and budget. You start evaluating all of the disappointing experiences you’ve had with your current agency and sweat begins to stream down your forehead as you think “they can’t even get my site to load fast and now they have to integrate with another system?”

Systems integrations can be very challenging, but fortunately there are many ways to minimize, if not completely eliminate, the pain associated with such a venture. At ExpandLab, we were recently asked to complete a single, single sign-on feature for a customer who had a marketing system completely separate from their e-commerce site. Further complications arose when we realized we needed to find a way to automatically log a user in to the opposing system so that they didn’t have to log in twice. 

We aren’t going to go too far into the details of the systems at play here for proprietary reasons. But below I’ve listed a basic step-by-step process explaining how we went about the challenge of the Single Sign On (SSO) feature and how we built it from scratch in just over a week’s time.

Step 1: Research, research, research.

The first step in any project is the drawing board. We needed to determine which software would be the best fit for this particular customer and looked into Magento2, Secure SSO solutions, etc. Although this project had a quick turnaround and tight deadline, we had to be sure we were starting with the right foundation or the whole thing would have fallen apart.

Step 2: The pitch, take one.

It seemed the best option was a SAML based SSO option. The customer already had an active directory server for their corporate accounts and there were alternative providers, such as One Login, Okta, Ping Identity that could be used.  We even found a module built by Sixto Martin who boasts of having considerable experience building SAML plugins and toolkits. But there was one big problem. The pricing for a cloud based provider was astronomical. We are talking an average of $2 – $6 per user. This is a site that had several million customers and clearly that pricing wasn’t going to work.

Step 3: A lightbulb moment.

While we were down we weren’t defeated. We continued to reach out SAML providers as we started evaluating other options. We had run across a few ideas during research, but nothing that we thought was a robust solution or could solve all of our problems on a tight budget and timeline. That’s when a new idea popped up from, who else, the new guy in our office. He suggested using JWT and, voila, a solution was found.

JWT worked because it would allow us to tokenize claims securely between the two systems using the industry standard RFC 7519 method (to paraphrase their tagline). This meant that we could pass sensitive data back and forth without someone being able to hijack the data. The question was then, could we build this type of integration in under two weeks?

Step 4: The build. 

So we went to work. No existing plugins were available for Magento 2 and JWT, so we had to build it from scratch. We settled on using JWT’s firebase library for PHP because it had everything we wanted including the broadly support HS256 encryption type. The whole process ended up taking just over a week from start to finish and the solution is now processing thousands of secure transmissions daily. That’s what happens when you think outside the box and dedicate the right amount manpower and resources to an intensive web project.


Want to learn more or share your experiences? Reach out to Edwin Spradley, Director of Software Development at ExpandLab and author of this article.

ExpandLab Client Notice: Significant Changes to USPS Shipping Options inside Magento

Starting on Sunday, July 28, the United States Postal Service will roll out changes to their API that will impact your ability to offer Priority and Express mail shipping options. USPS is changing the name of those two shipping methods and their Webtools API is being updated to match those changes.

To continue utilizing USPS Priority AND Express mail methods, merchants on Magento Enterprise Edition must install the patch we¹ve created to address the issue.

If your merchants are on Magento Enterprise Edition 1.12 or 1.13, download the patch here and use the installation instructions at the bottom of this email.

If your merchants are on earlier versions, patches and instructions will be available on Monday, July 29, and we will send out an email with download information.

Please note that you will need to wait to install this patch until July 28, after the USPS has made the change to their API.

For more information, here is the official statement from USPS:

In Magento, How to redirect all non www pages to www pages

In .htaccess, after

#RewriteBase /magento/
After it I placed on their own lines:

RewriteCond %{HTTP_HOST} !^$ [NC]
RewriteRule ^(.*)$$1 [L,R=301]

Magento Fix when upgrade to 1.7 and State drop down does not appear in IE 8, IE 7, etc.

Replace the following code in form.js

if (this.regionSelectEl.options.add) {
} else {


if (this.regionSelectEl.options.length > 0 && option.value.length > 0 && option.text.length > 0 && this.regionSelectEl.options.add){
//~ this.regionSelectEl.options.add(option);
} else {

How to apply Magento Security Patch – Zend Platform Vulnerability

We have recently learned of a serious vulnerability in the Zend platform on which Magento is built. This note provides information on how customers can access and install a patch that addresses this issue.  If you need assistance with this, please let us know.

The Issue

The vulnerability potentially allows an attacker to read any file on the web server where the Zend XMLRPC functionality is enabled. This might include password files, configuration files, and possibly even databases if they are stored on the same machine as the Magento web server.


We recommend that all Magento implementations install the latest patch appropriate for your platform:

  • Magento Enterprise Edition and Professional Edition merchants:
  • You may access the Zend Security Upgrade patch from Patches & Support for your product in the Downloads section of your Magento account. Account log-in is required.
  • Download


If the patch cannot be applied immediately, the following instructions can be followed to temporarily disable the RPC functionality that contains the vulnerability. Please be advised, any integrations that rely on the XMLRPC API functionality will no longer work after this workaround is implemented.

  • 1. On the Magento web server, navigate to the www-root where Magento app files are stored.
  • 2. In the wwwroot, navigate to /app/code/core/Mage/Api/controllers.
  • 3. Open XmlrpcController.php for editing.
  • 4. Comment out or delete the body of the method: public indexAction()
  • 5. Save the changes.

Additional Notes

Users with existing IDS capability may monitor the RPC interface to watch for attacks. As always, we recommend maintaining an up-to-date installation of the Magento platform as the best way stay secure.

The latest releases of Magento (Community Edition 1.7.02 and Enterprise Edition 1.12.02) incorporate the appropriate patches. please use correct versions of releases and .

Contact us today! Let's talk about how we can help grow your business.

Contact Us