PRO-Webs, Inc. Mogadore, OH

PRO-Webs News & Events

1/5/2010 - USPS has updated their code for January 4, 2010
I hope everyone had and excellent holiday. I am writing this morning to let everyone know that effective immediately, USPS has updated the Zen Cart code required to use the USPS shipping module and your cart requires an update if you are or intend to use the USPS shipping module.
This forum thread (http://www.zen-cart.com/forum/showthread.php?t=144992) has the new files for installation and a FULL removal and re-installation of the module must be completed.

11/19/2009 - PCI Scan Failure Error &Patch
Yesterday we discovered a PCI scanning issue for Zen Cart, which was causing PCI scan failures.
A PCI flag could be raised if long strings are used for sort parameters. Again, while the so-called "attack" attempt will fail, an error message will appear, causing a PCI scan to raise a red flag.
In order to patch your cart you will need to install this new version patch (http://www.zen-cart.com/forum/showthread.php?p=809045) in your cart.
SEO contract clients have already been patched last night.

10/26/2009 - 2cnd Annual PRO-Webs Prediction Bowling Tournament
We are very proud to once again support the PRO-Webs Annual Thanksgiving Prediction Bowling Tournament. This tournament to be held Thanksgiving day at Akron Lanes is all about fun! Advanced and new bowlers alike have the same opportunity to win by guessing their total pins for 3 games. Great prizes are offered for bowlers including an HDTV, a WII, $100 minimum strike pot, $100 cash for the first 300 game and many other souvenirs and money saving coupons.

• Where: Bill Whites Akron Lanes. 2911 E. Waterloo RD- 330-628-4822
• When: Thursday, November 26th at 7pm
• How Much: $25.00 entry fee
• Limit: 120 bowlers

10/15/2009 - Out of Office Announcement
We are contacting you today to alert hosted and regular service clients that we will be unavailable and out of the office on Tuesday and Wednesday (10/21 & 10/22/2009) next week for a funeral.

We ask that you make use of the helpdesk (https://www.billingorchard.com/support/index.cfm?Action=Tickets&SupportDesk=bkrihgiiut) for non-emergency issues as we will be checking support tickets as we can and that you continue to call in for emergencies only.

Additionally, Judy Gunderson will be helping us out and covering emergency calls from our clients for both days. Please be advised that you may contact her at (816)252-1566 for emergencies. Judy will has access to all of our server logins and can assist you in case of an emergency. If you are not hosted with us, please be prepared to provide Judy FTP, cPanel and other related login/access information.

10/12/2009 - Social Media
We are very excited to announce 2 new ways to follow us, and get the best deals and information fast! Occasionally we will post special articles, downloads and promotions to our Twitter and Facebook Fan pages... To take advantage of these perks you just need to follow us on Twitter (http://twitter.com/prowebs) or become a Facebook fan of PRO-Webs (http://pro-webs.net/fan).

Looking forward to serving you!

09/30/2009 - Server Improvements & Green Hosting
This is just a quick note to update you on a recent advance in your website hosting. We have worked many long hours to achieve the "Green" and PCI Compliant hosting we sought.... Those items achieved we have moved on to improving your total hosting experience.

We are very proud to announce that in addition to the robust individual account backups you can make use of that we are now creating daily account level backups for each of your hosted accounts.

Under the old system, while nightly backups were completed, however they were not created on an individual account level basis and therefore un-restorable at the account level. The new backup system creates a FULL, restorable account level backup every night, which is then stored on a different physical drive for added security.

These daily backups will be retained according to the following schedule:

Yesterday's full account backup
Last week's full account backup
Last Month's full account backup

We thank you for your patronage and this new hosting perk was completed in house at no charge to you.

07/24/2009 - Server Upgrades
We are writing to inform you that we will be upgrading the PHP on your servers to the newly released and stable PHP 5.3.0.

This upgrade will be occurring the second week of August and we will inform you of the specific date and times when we get it ironed out. Little or no downtime is expected.

We advise that you check your current applications for compatibility with PHP 5.3.0. If you have no idea, then please contact the software or website developer.

Zen Cart customers can expect no Zen Cart compatibility issues, but may want to investigate individual customized module compatibility.

Please note that this is a mandatory upgrade that is necessary before 8/26 to maintain PCI/DSS compliance.

A special note for ecommerce hosted customers who accept credit cards. Your quarterly scans from a PCI/DSS approved scanning vendor are required by 8/1/2009. PCI compliance is required, not optional. Thank you to shop owners who have completed this already!

07/03/2009 - Authorize.net Outtage
We have received some concrete information now regarding the outage of Authorize.net services to your stores.

Early this morning there was a massive fire in the Seattle data center and service was completely down thus far most of the day and even though reports have said that US transactions are now processing, our testing has shown otherwise at this point.

Here is the Twitter account Authorize.net is posting updates to:
http://twitter.com/authorizenet

06/28/2009 - Zen Cart Team Notification
You all should have received the email at the bottom of this communication directly from the Zen Cart Team. Please take note that this is a very big issue for the security of your shopping cart, as this vulnerability is quite serious.

For those who received the email from us earlier this week regarding this issue, I apologize for any confusion regarding the patching of your Zen Cart to protect you against this admin vulnerability. Let me please clarify for you:

IF your Zen Cart is on a PAID monthly SEO contract, then your patch has been installed and we will be renaming your admin folders as needed immediately. There is no charge for site's on a current SEO contract.

Those Zen Cart owners who are hosted with PRO-Webs HAVE NOT been patched unless you contacted us to have it done.

Due to the nature of this security issue ALL Zen Carts owned by anyone, accepting credit cards or not which are hosted with PRO-Webs must be patched immediately and admin sections renamed. There are no exceptions.

All PRO-Webs hosted clients can contact us at support(AT)pro-webs.net to ask that we both install the patch and rename your admin folder. We will do both for $20.00 for hosted customers.

IF you decide to handle this on your own, we will be checking and compliance is required by end of business EST on Thursday 7/2/2009. IF Thursday evening your cart is found to be un-patched and your admin not renamed we will complete this required task and you will be charged $25.00. An additional charge of $5.00 is added to reimburse our time for checking YOUR software for compliance.

Please report to support(AT)pro-webs.net when you have completed the required task.

-------------------------------------------------------------------

Zen Cart Security Vulnerability Alert + Patch

Please pardon this mass email. If you are running a Zen Cart store, it's important that you read this message and take action immediately.

A vulnerability has been discovered in the admin section of v1.3.8 (and previous versions). To take advantage of this vulnerability any attacker must know the URL of your admin section. As our security recommendations point out, you should change the folder that your admin resides in as soon as you installed Zen Cart.

SO -- THE FIRST STEP YOU **NEED** TO TAKE is to rename your /admin/ folder!
http://tutorials.zen-cart.com/index.php?article=33

However we realise that relying on this 'Security through Obscurity' is not foolproof, hence the release of a patch, which can be downloaded from the Zen Cart Support forum, here: http://www.zen-cart.com/forum/showthread.php?t=130161

The zip file there contains a readme.html with full details on how to install the security patch files. The security patch uses Zen Cart's override system to make installation as simple as possible.

The security patch will work for previous versions in the 1.3.x series.

Older releases i.e v1.2.x are no longer supported and the patch has not been fully tested on those versions, however some parts of the patch should still work with v1.2.x (again see the readme.html file). However we strongly advise anyone using the 1.2.x versions to upgrade to 1.3.8 as soon as possible.

The Zen Cart Team takes security matters very seriously. But security is only as good as those who follow posted recommendations. Please apply the appropriate patches and security measures promptly, for your own benefit.

SUMMARY: Your Action Steps are:

1. RENAME YOUR ADMIN FOLDER !!!!!
Yes, if you haven't already renamed your /admin/ folder, do it NOW!
Instructions can be found here: http://tutorials.zen-cart.com/index.php?article=33

2. APPLY THE SECURITY PATCH !!!
http://www.zen-cart.com/forum/showthread.php?t=130161

3. Subscribe yourself to the Zen Cart Announcements mailing list:
http://www.zen-cart.com/forum/subscription.php?do=addsubscription&f=2

4. Keep your site's Zen Cart software up-to-date at all times. Numerous bugs, improvements, and security fixes are included in every new release. It is in your best interests to remain current.
http://www.zen-cart.com/forum/forumdisplay.php?f=2

Sincerely,
The Zen Cart Team

06/22/2009 - Zen Cart Vulnerability Discovered
The Zen Cart development team has discovered a vulnerability in your Zen Cart admin. The announcement from yesterday is here (http://www.zen-cart.com/forum/showthread.php?t=130161).

All Zen Cart owners are advised to apply this security patch as soon as possible. PRO-Webs contract client's websites have been upgraded already at no charge.

Note that this security patch is valid for 1.3.X versions of Zen Cart and a single file will "help" to secure all 1.2.X Zen Cart installations.

06/09/2009 - Admin Logging Module
As you already know logging for your administration section in your Zen Cart is a requirement to achieve PCI compliance for your ecommerce website.

Zen Cart has this ability and does without any intervention log all administration access. However, the ability for normal users to make any use of these logs does not exist.

SEO contract customers will find a new menu item under reports to view their logs more easily. The module was installed as part of your contract services.

Other hosted clients wishing this to be installed can simply reply to this email and we will happily install the module for $5.00 each site to help you get compliant.

06/06/2009 - PCI/DSS Update
We are writing you today with very important compliance information regarding your websites hosted with PRO-Webs.

Vast changes have been made by the PCI Security Standards Council. We would like you to visit this post http://pro-webs.net/blog/2009/06/06/simple-pci-guide-for-merchants/ and read it entirely so that understand your merchant requirements and responsibilities better.

Please understand that your responsibility in this matter is no way optional, but required.

As a company we have made vast efforts and strides to maintain a safe and compliant environment for you to host your websites and do business safely. While your PRO-Webs hosting is PCI DSS compliant, that does NOT indicate the full extent of your responsibility or promise the compliance of your website(s) in any way.

We have retained a PCI approved scanning vendor (https://www.pcisecuritystandards.org/pdfs/asv_report.html) to assist us and yourselves on the way to compliance. The cost of scanning is very large for many vendors, so we have made every effort to keep your company's operating budget in mind.

We have chosen Robert Yoka of Backbone Security, Inc. as our chosen approved PCI scanning vendor. Robert's contact information is listed below for your convenience. Please let him know that you are a PRO-Webs customer. Backbone Security will execute your quarterly scans up to 4 IPs for only $229.00 a year for all 4, each additional being $25.00. This pricing is much less than the current standard. We welcome you to use any approved scanning vendor of your choice (https://www.pcisecuritystandards.org/pdfs/asv_report.html), however, compliance is required by August 1st, 2009 for all PRO-Webs hosted websites who are processing credit cards. Whoever the approved scanning vendor you choose to bring your site to compliance, we will require the following from you, by Aug. 1st.

1. We will need a list of every site you have hosted with PRO-Webs which processes credit cards.

2. We will need to know which cards each site accepts.

3. We will need a current and original copy of each scan or SAQ executed for your site(s) on file at all times.

*Note: If you use ONLY PayPal Express, PayPal IPN - Website Payments Standard, 2 Checkout, Google Checkout or other OFFSITE collection processors your compliance is not required.

Robert is ready to get you all started and answer any questions. We will answer only questions we can and will advise you to direct all PCI questions to Robert and the staff at Backbone Security.

Robert J. Yoka, CISSP, IAM, IEM
Director, PCI Compliance Division
Backbone Security, Inc.
www.backbonesecurity.com
Office: 1-888-805-4331
Fax: 570-992-8447

Thank you for your continued support in this manner

06/02/2009 - Google Base Update
You probably will or have received an email today from Google regarding updates for the Google Base program. We just wanted to take a minute to explain the changes and the impact on you.

Google is now requiring the "condition" attribute and will begin to display the "condition" of your products. This change was expected and all of your feed generators are already using the condition attribute in your feed. Condition options are: new, used, or refurbished. The guid for condition is not new, but will now be required.

Google will also be making Taxonomy available for your feeds. Taxonomy simply means to categorize your products in to their own categories. Submitting the taxonomy guid will not be required, but rather recommended. Those of you using the more robust M1 feed generator will be contacted when an upgrade is available. Those using the free Numinex generator will be suggested to upgrade when the M1 is updated. The current cost for the M1 is $29.00, but we will let you know at that time any changes in cost.

Lastly, Google has added a new guid attribute called "compatible with". This attribute is not required at this time, and none of your generators are capable of producing it. We will let you know if the M1 includes this upon update as we suspect it will. Please read the description of the "compatible with" guid below.

""The new "compatible with" allows you to specify what products your item is compatible with. For instance, if you're listing an HP 74 (CB335WN) black ink cartridge, you can use this attribute to tell us that it's compatible with the HP Photosmart C4480 and HP Photosmart C4580 printers. Using this attribute will help you avoid listing the same item multiple times with different compatibility information.""

05/23/2009 - Rainbow Babies & Children
We are proud to announce not only our newly formed partnership with Rainbow Babies & Children's Hospital... But also a way for you to help too, and save some money to boot!

Here is our commitment page (http://pro-webs.net/rainbow-babies.php) for the PRO-Webs Rainbow program.

We would like you to check it out... and consider making a donation in any amount you choose. Its worth noting that 100% of everything you donate goes to Rainbow Babies & Children's. Your donation will be made directly on the University Hospital's website and there is no middleman. UH built a donation page especially for you guys!

To launch our new partnership and get you started.... We will provide you with a $1.00 credit on your PRO-Webs current or future billing for every $10.00 you donate.

All you do is make your donation and then email us a copy of your receipt.... We will respond with your credit to use on your hosting, services or in the PRO-Webs store. Whatever you choose!

Is that not all that you want to do to help the kids at Rainbow?

We have your back there as well. Simply reply to this email and we will provide you with the donation button and code to add to your website too! No worries if you cannot manage to install the code... We will happily do it for you at no charge!

05/10/2009 - Melanie Out of Town
We just wanted to take a minute and remind all PRO-Webs Inc, customers of the proper support protocol. This has been touched on in the past, but many of you email me directly for support issues and I will be in out of town on business from Thur 14-May-09 to Thur 21-May-09 and unable to man my emails with my normal perseverance.

The very best and fastest for for any support issue is to use the Helpdesk here (https://www.billingorchard.com/support/index.cfm?Action=Tickets&SupportDesk=bkrihgiiut)

If you cannot find the link... You can always find it in your hosting control panel and the footer at http://pro-webs.net/

In lieu of this you can also send email to support(AT)pro-webs.net and accomplish the same distribution, but without the ticket updating and other helpdesk features.

Normal business hours are Monday - Friday 9am to 5pm and you can call with support issues if you need to.

330.871.4357 (HELP)

Emergency only calls are taken at our regular number 24/7, including after normal business hours.

If you send me personally an email I will receive it as soon as I can check it, but you will receive a response that I am out of the office as well. I will only be answering high priority emails while I am out of town.

Thanks and Happy Mother's Day

04/01/2009 - Happy April!
This is just a notification that PRO-Webs will be unavailable beginning all of Friday April 3 for the weekend and returning to regular service hours on Monday.

Please note that during this time only emergency support requests will be answered, and that this falls under after hours emergency support.

If you have an emergency, please call (330-871-4357) and email to support(AT)pro-webs.net and we are able to take care of your issues.

02/17/2009 - Attn: PRO-Webs Ecommerce Clients
This is a must read ecommerce shopping survey from New iPerceptions Research of 10,000 shoppers polled.

http://www.iperceptions.com/en/news/new-iperceptions-data-shows-ecommerce-sites-fall-s

Have you done your site run throughs lately? Conducted a usability study or even asked anyone how your navigation and site is for a "real" person to use?

If you haven't.... You are sadly missing out, because in the end it matters none what you think, but rather what shoppers think.

02/16/2009 - PRO-Webs Announcement
We are very happy to announce that Jack Prough will now be full time, working partner with PRO-Webs. Recently Jack left his manufacturing supervisor's career to pursue the continued growth and success with PRO-Webs. Jack has been, since it's inception a partner of PRO-Webs, but now will have a full time dedication to your continued support and our mutual success.

In keeping with this, we have some issues we would like to address when requesting support and assistance. Although these procedures have always been in place most of you do not use them. Going forward we will need you to follow the proper support protocol to more effectively serve you. Please review the following procedures for support.

1. All NON-Emergency support requests of any kind are to be directed though the helpdesk. There is a link for the help desk in PRO-Webs main page footer, your hosting control panel footer and here is one also for your records: HELPDESK Be advised that using this venue for support is the fastest and most effective means of resolving an issue and that going forward, employees personal email addresses are not to be used for support as they are not monitored as frequently.
2. All Emergency support requests should be called in to 330.871.HELP 24 hours a day and 7 days a week. Please leave a voice mail if no one immediately picks up. If for some reason you have not heard back from us in 30 minutes and your issue is a GENUINE EMERGENCY, then please call again.
3. Please take a moment and review our Terms of Service Policy so that you fully understand the existing definition of an emergency and the charges for non-business hours phone support requests.

We have big plans to improve the support and services we provide in 2009 and look forward to your continued support to provide services as effectively as possible for all customers, existing and new.

12/27/2008 - Seasons Greetings - PCI Compliance
Season Greetings PRO-Webs Hosted Customers,

We wanted to take an opportunity to remind everyone about some security and compliance concerns related to your websites hosted with PRO-Webs.

PRO-Webs provides you state of the art 100% PCI compliant hosting with a industry elite array of security options compiled on our servers. Our servers are fire walled with the latest technology, Apache Mod_Security, cPHulk Brute Force Protection, DDOS Protection, Virus Protection, Server Monitoring, Minimum Password Strength Configuration Utility, Host Access Control, Shell Fork Bomb Protection and more. We strive to provide you the very best environment to host your websites and secure data.

However, if you are not doing your part... Most of this is pointless. So lets do some security cleanups for the new year. This procedure should be completed every 90 days for regular websites and every 30 days for merchants and will take just a few short minutes to complete.

1. Login to your control panel.
2. In the very bottom row click on your Virus scanner and run it.
3. Next in the third box down click on FTP Accounts and be certain that any old FTP access for jobbers has been removed.
4. Lastly, in the top row, click on change your password. You can use this handy password generator to get a good strong password (http://www.pctools.com/guides/password/). The password should be a minimum of 8 alpha numeric characters.

Merchants are required to make these changes on a logged schedule to be PCI compliant. These password changes include your Gateway, Merchant Account, Store or Software Administration and even your billing email.

We invite you to limit your liability today and read up on PCI compliance before you need to http://www.pcicomplianceguide.org/merchants-20071022-gaining-pci-compliance.php

Happy New Year to You All,

Support Desk
PRO-Webs.net

12/08/2008 - USPS Checkout Issues
We have been chasing a checkout issue with a few Zen Carts most of the day. Customers unable to checkout or estimate shipping due to long query times failing.

The issue is the USPS shipping module, USPS shipping quotes are down. They were supposed to be fixed already, but they are not.

Here is the forum thread http://www.zen-cart.com/forum/showthread.php?t=115090

I suggest if you are utilizing the USPS shipping module that you disable it temporarily and use another shipping venue until we have clear word that the USPS web tools are once again functioning.

11/16/2008 - Emergency Services
As many of you are already aware, we have successfully switched our billing & support software to a platform more suited to our volume and needs. We billed this month on the new platform and aside from a few tweaks, it was reported to be simple and easy to use.

We are sending this communication to make certain that every PRO-Webs customer can properly take advantage of our support system when it becomes necessary. We are available by phone @ 330.871.HELP Monday-Friday 9-5PM EST. After hours support is provided free of additional charge for emergencies only. The steps for customer support are as follows.

1. Determine the level of priority per the terms of service
2. For emergencies requiring immediate attention call 330.871.HELP 24/7
3. For support for NON-emergencies you MUST submit a ticket through the helpdesk by logging in or not in the footer section of our main page https://pro-webs.net/

• To submit a ticket while logged in or view your account information simply login with your username and password.
• To submit a ticket to the helpdesk without logging in, simply click the "Help Desk" link.
• Upon submitting your support request you will receive a support ticket number, please note this.

Support tickets will NO LONGER be accepted by sending directly to the support email address... They will not be delivered in off hours, you MUST use the Help Desk for non critical support or call 330.871.HELP for emergency support.

We strive to respond immediately to all true emergency support calls and within 24 hours for non-critical support, however if you do not properly use the system your support tickets could be lost.

11/08/2008 - Product Feed Updates
Recently both Google and Live products have made substantial changes to their shopping programs. IF you are running the free contributions from Numinex from the Zen Cart support site, then you likely will require an upgrade for both feeds to continue to use them effectively.

Monthly SEO customers have already been upgraded. We are offering this upgrade to bring Live/Google or both completely up to date for $6.00 per platform for existing customers only.

We are offering this at a special price as we fully understand and respect the importance of these shopping feeds to an e commerce store and wish you all to have proper opportunity in these platforms going forward.

Please contact us if you require an upgrade for your mods.

10/22/2008 - New Client Center Launched
We have launched our new support center software. We are happy that we think you will find this interface far simpler to use and have less frustration.

Your invoices will be emailed to you monthly and you can select to pay them with a click right from your email box... But you can view them anytime by logging in to your account at https://www.billingorchard.com/clients/

You will be emailed your login info shortly.

Please report any issues you may find and any feedback is appreciated. Please remember there will no longer be paper invoices mailed out as we have Gone Green and paperless to help reduce the paper stain on the environment.

If you mail your payment in:

PRO-Webs 3794 Orchard Street Mogadore, OH 44260

330-871-HELP