We understand the challenges faced by UK organisations in these times of change and are working with many brands to ensure success in their e-commerce activities. As SAP and Customer Experience (CX) specialists we have developed our own e-commerce health check to ensure your SAP Commerce Cloud (formerly known as Hybris Commerce) platform is fully optimised to support your business objectives, now and in the future.
Our health check service examines common problems with an e-commerce website and includes a comprehensive review of your platform including;
Getting the basics right is essential for SEO. Ensuring your web page displays appropriately on mobile devices, has appropriate and relevant metadata, is legible on all devices and has appropriately sized tap targets will make sure you are not penalised in search results. We will conduct the following checks for each of your top 100 pages on Google Search, with a minimum of 90% for a pass:
Your customers access your website using a wide variety of devices and web browsers. It is important to make sure that your website works just as well for every user.
It is important to make sure that your HTML syntax is correct to ensure that all web browsers can correctly
interpret your web pages. We check the HTML syntax of your 10 top Google Search results and let you know how many errors and warnings exist across them.
It is important to make sure that your CSS syntax is correct to ensure that all web browsers can correctly
interpret your web pages. We check the CSS syntax of the stylesheets referred to in your 100 top Google
Search results and let you know how many errors and warnings exist across them. We will only validate those
stylesheets referenced with relative URLs, to avoid checking external resources.
Your website’s user experience is the most critical element for customer engagement. Google collect anonymised data for most public websites. We analyse this to provide Google’s real-world scoring of your user experience.
Ensuring your website is accessible to users with disabilities is not just about morals or ethics – it is a legal requirement for most websites. UK firms are subject to the DDA and SENDA, EU firms must follow the Web Accessibility Directive if they provide products or services to public bodies and US firms must follow dozens of accessibility laws. We make the following checks for each of your top 100 pages on Google Search, with a minimum of 90% for a pass:
An unsecure website is, at worst, an open back door into your business’ systems and, at best, exposesyou to liability from your customers who could lose money.
Default Hybris Usernames and Passwords
The worst – and yet one of the most common – security flaw in a Hybris deployment is leaving a default username and password combination active on a publicly accessible URL. We check the five most important URLs and will let you know how many of these allow login with a default administrative username and password combination.
Hybris Extension URLs
The Hybris go-live checklist states that certain URLs should not be accessible via your public URL. However, many Hybris deployments miss one or more of these. That can leave your web application vulnerable to a variety of attacks and a highly knowledgeable attacker could cause untold damage with even unauthenticated access to these. We scan 130 common URLs to ensure your site correctly returns a 4xx or 5xx HTTP response code for each one.
HTTP Security Headers
Setting a few simple HTTP security headers can allow modern browsers to lock out many common vulnerabilities in web applications. We scan for these seven headers and provide you with an overall grade, with a minimum “C” grade required for a pass.
It is not enough to redirect HTTP requests to HTTPS and have a valid SSL certificate. Many vulnerabilities in the SSL/TLS protocols have been discovered over the past few years and it’s important to make sure you’re using the correct protocol versions, cipher suites, software versions and settings to make sure you’re not vulnerable to any known vulnerabilities. We scan for all of these – around 300 separate checks – and provide you with an overall grade, with a minimum “A” for a pass.
Web Application Security
We will scan your website for the 50 most common web application vulnerabilities and let you know how many the scan suspects your website may be vulnerable to.
We can optionally check your website’s compatibility with the Progressive Web App standards to ensure that your website performs just as well on mobile devices as a native app and provide you with a weighted overall score.
We make the following checks for each of your top 100 pages on Google Search, with a minimum of 90% for a pass.