GO-LIVE – The Rhino Inquisitor

Let’s GO-LIVE: Customer Migration

Thomas Theunen — Mon, 17 Oct 2022 17:49:09 +0000

We have already gotten a few parts down of our GO-LIVE story, but we are far from done. Going live with any Commerce project can be quite an endeavor. But hopefully, with this series, the most critical parts of the puzzle are covered!

On to the next piece: Customer migration!

Start sooner rather than later

Although this series is about GO-LIVE, which happens at the end of a project – a lot of preparation goes into it, even weeks and months in advance.

Data migration should be in your planning as soon as possible, as customers who existed on a previous platform (which usually applies) must be migrated.

The main reason to start this sooner rather than later:

You are, in most cases, not in control!

What I mean by this is that the implementation partner of the previous platform needs to share the data with you, either in their format or in the one that Salesforce B2C Commerce Cloud uses.

And since this is sensitive data, processes need to be put in place to ensure the transfer of information happens securely!

Decide who is in charge

Salesforce B2C Commerce Cloud only allows formats it defines, which means that with any migration, some transformation needs to happen from the format of the previous platform to that of SFCC.

And there is only one option: XML (Business Manager or Automated job).

But what do you mean by “who is in charge?”. Well, who is going to be doing that transformation? Depending on the answer, this will affect your planning.

There are a few options for who takes ownership of this:

The Consulting (Implementation) Partner
The Salesforce customer
The previous implementation partner

Ultimately, it does not matter who does it as long as they have the required knowledge of both the old and new formats. There is enough documentation available to get anyone started on the process, and guidance from the Implementation Partner is always a good thing.

Handle with care

I have mentioned this before, but we deal with people’s personal information in this process! Be sure that the data you work with is handled properly!

Transfer the data securely, and only transfer it to people who need to work with this data.

Don’t email the database unencrypted to everyone involved in the project.

And also important, once the people have done their task, they must delete the data from their systems.

Make a deployment plan

Work out a detailed plan on how you will do this migration. In many cases, the old platform will still be up and running a few hours before the scheduled go-live.

So what about the registrations and account updates between the last export and when you go live? Think about, and discuss with the team how to handle the last delta import to make sure no data is lost.

Make these steps part of your deployment plan, and decide who is in charge of each step.

Compare and test

After converting the data, run extensive testing on the source and target file to ensure no data has been mixed up.

This might seem obvious. But we don’t want to link the address of person A to person B accidentally, do we?

Password migration

I will not elaborate on this one too much, but compared to the other data in a customer migration, this tends to be the most challenging.

Why is that? Well… better hope you get this data encrypted or hashed! Otherwise, the previous platform had some severe security issues. And because of that encryption/hashing, you need to find ways to handle this.

To dig deeper into this topic, I will redirect you to an excellent article by Oleg Sapishchuk.

Monitoring

The final step, as with many things, is monitoring after go-live. Make sure people can log in – and make Customer Service aware to note down all the information to track potential bugs.

It is vital to keep this part of your daily routine for the first few days (amongst other things) after the big release.

Rollback

With any big release, make sure you also have a contingency plan. Things can go wrong, and a rollback might be needed to make corrections.

Like a deployment plan, ensure a rollback scenario is covered with tasks and who is responsible for each. We all wish everything goes as planned, but the reality is not always so kind.

The post Let’s GO-LIVE: Customer Migration appeared first on The Rhino Inquisitor.

Let’s GO-LIVE: SEO

Thomas Theunen — Mon, 05 Sep 2022 08:35:42 +0000

When going live with a website, SEO is an integral part that should not be overlooked. It is a long-term strategy that should be started before your website goes live.

This article is part of a GO-LIVE series that should give you all the tools necessary to have a comfortable release!

What is SEO?

Let us start with the basics here; what is SEO? Well, it stands for Search Engine Optimization. This is a process you want to use to ensure that the people looking for your site or a specific part (products most likely in the Salesforce B2C Commerce Cloud space) can easily find that page.

The people who use a search engine and consequently find the page are called “organic” traffic, a term you will come across quite often when working on traffic analytics data.

Why should I care?

I think the answer to that question is quite obvious! Any owner of a website/store wants to drive traffic to it. And optimizing a website so that Search Engines and other channels will put those pages at the top of the results is a fundamental way to do that.

When should I start the analysis and investigation?

This will depend on the project and who you have available (maybe a specialist is in the team that focuses on this?). But a general rule of thumb is to start as soon as possible, as SEO can impact a project on multiple levels.

Depending on the requirements, this can be on the business or development side.

It is a team effort

Doing optimizations to the SEO of your site requires the involvement of many different people in and out of the organization.

Think of it this way: to get good SEO, you need good quality data and content. And someone needs to write that content, push it to the correct channels, translate it if necessary to all supported languages, …

So involvement is required from:

The team managing the marketing/content
The team managing the product data ( PIM, ERP, … )
The commercial team
The development team
…
Oh… and the SEO team

That is a lot of people that need to talk to each other, right? Unless someone manages all the above on their own (good luck to them)!

Make sure to get these parties around the table when needed! You do not need to involve everyone all the time, but for most requirements, it is pretty evident who you need to invite.

e.g., “We need a good product description to show on the product detail page” will require the involvement of at least three parties listed above. (I will let you think about which ones)

And before I forget, the above is an excellent example of a “vague description.” So maybe we should have clear requirements?

Clear requirements

The rules of SEO change often, and experimentation is part of the game. Developers know quite a few rules of engagement, but will never be as educated as someone specializing in this topic.

When creating requirements for the development team, give as much information on what you are trying to achieve and how. Do not leave too much to guesswork, as this could hurt your efforts in the long run.

If a requirement was not described in as good detail as it should, making the developer take “assumptions,” the amount of time to recover from possible damage could be months.

SEO takes time SEO improvements (in most cases) do not pay off visibly in days or weeks. Some can take months to show their "worth" or their "damage."

Involvement of the SEO team

I talk about a team, but this could also be a single person (internal or hired gun). In any case, it is essential to involve them every step of the way. And that includes the validation of the implementation.

Even if a requirement was clear, some things might not be implemented correctly.
Or maybe the required data wasn’t provided by the PIM? Then the development work was done, but the data quality needs improvement.

Detecting these issues/challenges as early as possible is critical to your strategy. But that doesn’t only apply to SEO, now does it?

Where do I start?

I am not someone who likes to re-invent the wheel or write an article when there is already great content about all the different steps in a project and how to configure Salesforce B2C Commerce Cloud.

So here is a list of some great articles by Edwin Romero:

SEO Glossary
How to do an SEO Project Plan
Salesforce Commerce Cloud SEO Guide (The Business Manager Explained)
Site Migration

There is much more great content available on his site! So be sure to do a bit of perusing.

The post Let’s GO-LIVE: SEO appeared first on The Rhino Inquisitor.

Let’s GO-LIVE: The Salesforce B2C Commerce Cloud Environment

Thomas Theunen — Mon, 22 Aug 2022 17:37:46 +0000

Welcome to the GO-LIVE series, a set of articles about preparing for the launch of one or more channels on Salesforce B2C Commerce Cloud.

This is only the second article so far, but after releasing the first one about the eCDN, I felt I might have skipped some vital information.

Sure, there was an explanation of the eCDN and its use. But not how it fits in the “bigger picture.” So let us look at the architecture of the different environments in Salesforce B2C Commerce Cloud!

An overview

Before we move into the details where the Embedded CDN (eCDN) is mentioned, let us get an overview of the components that make up “SFCC.”

View on Lucidchart

Commerce Cloud Core

It all starts with the big chunk of functionality at the center, “Commerce Cloud,” which consists of:

The monolithic storefront using SFRA or SiteGenesis
The Open Commerce API for Headless applications
The WebDAV filesystem

Einstein

We can’t forget about one of the big selling points of SFCC, the “built-in” AI that will analyze shopper behavior and give recommendations to increase revenue and the average size of the basket.

Note: I have an article explaining what Einstein is and what it can do in the pipeline!

SCAPI

As you can see in the diagram at the top of the section, the SCAPI is a set of RESTful APIs built in MuleSoft that proxy the OCAPI behind the scenes to allow some extra things on top of the original OCAPI.

But besides having some APIs that the OCAPI does not have, there are some drawbacks (for now).

MuleSoft Even though this is MuleSoft, you do not get access to it yourself. It is fully managed by Salesforce and has probably been put in place to allow for flexibility in the future.

Log Center

Can’t find your way in the logs on the WebDAV? Have no fear; Log Center is here.

In the Log Center, you can easily filter and search for specific log entries and even be notified when particular thresholds are met.

Reports & Dashboards

Need insights on your sales or site performance? In this tool, you can view statistics on:

Sales
Products
Promotions
Search
Traffic
Einstein
Technical data (performance)

Control Center

The place to be if you want to manage all of your environments (Sandboxes, PIG Instances). Using this tool, you can create, start, restart, stop and reset environments linked to your account.

Composable Storefront

The latest addition to the diagram, the answer to all your Headless Storefront needs!

Account Manager

Since all of the items mentioned above are separate tools/sites you have to visit, it would be a shame if you had to keep track of different credentials (you had to for a long time).

Account Manager provides you with “Unified Authentication” so that permissions and user credentials can be managed from a central location, rather than having separate ones for each application.

From the perspective of a request

In the diagram below, we look at a potential request to an SFRA or SiteGenesis channel and see what different layers it passes before a visitor gets a page rendered in their browser!

In this case, the explanation of each component of the environment is in the diagram itself. Word of warning though, this is a lot more “technical” than the previous section.

View on Lucidchart

Layering the CDN

It is possible to introduce your CDN (e.g., Akamai) or your own Cloudflare account next to the eCDN.

The critical thing to remember is that the eCDN will always be part of the chain!

Origin Shielding

As of August 2022, Origin Shielding has become active. All storefront (shopper) traffic must pass through the eCDN (Cloudflare).

This change does not affect:

Business Manager
Inventory Service
Analytics Service
Mainstreet Order Management Service
Order Integration Service
Salesforce Commerce API (SCAPI) calls
Shopper Login (SLAS)
Image Downloader Service
WebDAV calls
/dw/monitor calls for health checks
sffc-ci tool (developer instance only)
Data APIs

The post Let’s GO-LIVE: The Salesforce B2C Commerce Cloud Environment appeared first on The Rhino Inquisitor.

Let’s GO-LIVE: eCDN

Thomas Theunen — Thu, 04 Aug 2022 06:53:47 +0000

So, you want to set a website live on Salesforce B2C Commerce Cloud. It is all relatively new to you, but your task is to set up the Staging and Production instance to prepare your “GO-LIVE.”

Not to worry! The ECDN is not rocket science, far from it. Once you have set up your first vanity domain, the second one will be peanuts.

Update August 5, 2022: Added some warnings to this post with things to keep in mind. Thank you, Sachin Upmany, for the reminder that this information is also essential in these guides!

What is the eCDN?

But first things first. It is as essential to know what the eCDN is to configure it! What does Salesforce have to say about this feature:

Salesforce Commerce Cloud provides digital customers an embedded content delivery network (eCDN) designed to accelerate site speed access and content delivery. The end result is a more secure, reliable online shopping experience for the consumer.

Ok, ok. The sentence above might not explain what the eCDN is and does.

To put it in simple terms: it’s Cloudflare! If you have been active in web development for a while, you probably are already familiar with the service.

For the most part, Salesforce has put itself in between and taken complete control of the Cloudflare configuration.
But luckily, they have left us with a few buttons and switches to fiddle with in the Business Manager.

Within this interface, you can configure:

Your supported vanity domains
Managing SSL certificates
Firewall & WAF (Web Application Firewall)
Performance Optimization
Custom Error/Under Attack Pages

Getting Prepared

Before configuring the Production Business Manager, a few things need to be in order and prepared.

Domain

This one should be pretty obvious, but I’ll mention it anyway. Make sure the domains you will be using have been purchased. If you don’t own the domains, you won’t be able to point them to Salesforce B2C Commerce Cloud.

DNS Configuration Access

To point the domain to Salesforce B2C Commerce Cloud, you need access to the domain DNS configuration. In later steps, you (or someone else you are in contact with) must add TXT and CNAME records to the DNS configuration.

APEX Domain Pointing / Naked Domain It is essential to know that the APEX Domain or Naked Domain does not support CNAME records.

Usually, a DNS provider has solutions for this, but this needs to be considered. In a worst-case scenario, you need to set up a "mini-server" to do the redirection of the naked domain to the www subdomain. You can find some information on Salesforce Help on this topic.

With a naked domain we mean https://mybrand.com (without the www).

Get your SSL certificates

We have come to a time where no website should operate without a secure connection. To achieve that, an SSL certificate is required.

To do the configuration later, you need the following:

The certificate
The private key

Note: If you are unfamiliar with how certificates can be obtained, a lot of helpful information is floating around on the net.

Alias Configuration

A prerequisite for a domain to be available in the eCDN is that it is configured in one of the sites in the alias configuration.

An example config you can use to get you up and running quickly:

				
					{
  "__version": "1",
  "settings": {
    "http-host": "www.my-domain.com",
    "https-host": "www.my-domain.com"
  }
}

Once an Alias is configured on at least one site in your production environment, we can continue to the next step!

Alias Configuration Setting up this configuration can be a pain in the ***, so be prepared to fiddle around with it for a few hours if you are unfamiliar with it, especially if you are handling multiple sites with multiple domains.

Add the domain to the eCDN

Use the correct environment Setting up the eCDN is done on the production instance!

Zone Creation with care Once a zone is created, this can not be undone, and you will have to go through support to be able to undo this.

To get to the eCDN configuration, go to

“Administration” > “Sites” >”Embedded CDN Settings“

Once the page has loaded (be patient), you will see the following at the top right of the page.

You should see the message “x hostname(s) available” if everything goes well. If not, go back to the Alias configuration to verify everything was saved correctly.

Click “Add Hostname.” A screen should show your configured Alias domain and to which site it is assigned.

Click “Create Zone.” Be patient; it can take a while before something happens.

Verify ownership of the domain

Once the page responds in the previous step, you should see something like this.

If you see the above, you are well on your way! But there is a clear message: “Verification needed.”

Before continuing, we need to verify that we own the domain. Click the text “Verification needed,” and you will see more information on the next steps.

This builds on the pre-work steps where you need access to the domain’s DNS. Before we can continue with the following steps, a TXT record with the provided value needs to be added to the DNS settings of your domain.

DO NOT DO THIS ON THE DAY OF THE GO-LIVE.

As the warning says, it can take up to 6 hours for these changes to take effect. And on the go-live day, you don’t want to spend your time “stressing out” on something you have no control over.

From personal experience, this usually takes a couple of minutes rather than hours. But the warning is there for a reason!

Domain Configuration

Now that we are a “verified owner” of the domain within the eCDN, we can start configuring that domain.

To start, click the “settings” to the right of the top-level domain.

Set up an SSL Certificate

The first screen you will land on is the “crypto” settings. This is where you manage everything about SSL and TLS settings.

To add a certificate, click the “Add Certificate” button!

The screen itself is pretty self-explanatory. If you followed the “get prepared” section at the beginning of this article, these should already be in your possession.

Once entered, the system will validate if it is correct. If it passes the validation, click “Upload Certificate,” and bam… you are done!

TLS 1.3

You might have noticed that a BETA feature was marked in the screenshots above. Do you want to know more about this feature? Then visit Cloudflare Docs.

Even though the notification popup warns you that this is a BETA feature, it has already gotten that mark for two years.

I have enabled this feature on most projects with no adverse effects.

HSTS

Once a certificate has been uploaded, a new setting should appear called HSTS.

Enabling this option will tell browsers that your domain only operates over HTTPS and that all HTTP connections should be blocked.

Since this includes all subdomains, ensure that no system besides Commerce Cloud operates on HTTP. Otherwise, people will be “barred” from using that site for the remainder of the TTL.

Firewall Settings

You can manage the Security Level and Trusted IP Addresses in the firewall settings.

As the help popup informs, this part of the firewall looks at IP Address reputation to act appropriately.

Using the IP Allowlisting feature, you can inform the firewall to ignore specific IPs.

WAF Settings

The WAF (Web Application Firewall) is a Cloudflare feature that is well documented.

This will look at more areas to detect malicious traffic using the OWASP rules.

There is a lot to say about this feature, but lucky for me Salesforce has written extensive documentation on this topic!

Download Log Files

In this section, you can also download log files per hour. It is essential to keep in mind that this is an asynchronous operation, and after clicking “Request Log,” you will receive an email containing a download link at a later time (usually not so long)

These files contain a log of all network traffic, how the WAF analyzed it, and how it responded.

Speed Settings

HTML Minification Those who have enabled this in the past might have wondered if this "did anything." Well, it deletes all of the comments from the HTML.

If you have comments on an environment that have value for an external system, be sure not to activate this type of minification.

Note: This also breaks the deprecated toolkit on Development as it relies on comments.

Not much to say about this section; here, you can control a few settings that improve speed, such as minification of Javascript, CSS, and HTML.

The Polish Level settings are something to look into, though, as these can improve the performance of your images.

One thing to watch out for is if you choose to enable “Polish Level Basic+JPEG,” your images might lose quality as this will use lossy compression. If you work for a brand that wants crisp and clear photos, you may want to do extensive testing before permanently enabling this.

Enabling WebP is a no-brainer, allowing a lossless compression that performs better on the web. It is also supported by all major browsers now (except Safari…).

Since these features are Cloudflare behind the scenes, you can also look at their documentation.

Customize Settings

A section you hope you will never need. When “**** hits the fan,” Cloudflare provides standard error pages. In this section, you can choose to load your own rather than the default.

Commerce API Configuration

The not-so-well-known thing is that some Cloudflare features you can enable are missing in the Business Manager.

There is a REST service available however:

https://developer.salesforce.com/docs/commerce/commerce-api/references?meta=cdn-api-process-apis:updateSpeedSettings

Using these APIs, you can enable:

Make sure you do not forget about these! As they can also increase performance on certain pages. HTTP2 Prioritization will help a lot on lister pages with many images processed by the DIS (Dynamic Image Service).

The post Let’s GO-LIVE: eCDN appeared first on The Rhino Inquisitor.