How to start your online store with WooCommerce

Wordpress WooCommerce online shop with Plesk Onyx

When it comes to e-commerce, picking the right platform to power your online store is a difficult choice. Whichever one you go with needs to be fast, secure, and feature-filled, so where are you supposed to begin looking?

With over 1+ million active installs and a 4.6 user rating on, WooCommerce is one of the most popular free ecommerce solutions for WordPress. According to BuiltWith, as of January 2017, WooCommerce powered 42% of all online stores! So if you’re looking to open an online store on your WordPress-powered website, WooCommerce should be high on your list of contenders.

What is WooCommerce?

WooCommerce is an open source platform backed by a large community, who constantly updates it, creates new themes, plugins and all sorts of integrations, all of which are essential to a successful business. With hundreds of free and paid WooCommerce extensions, spanning all major logistical & technical needs, you can rest assured there’s an extension for your specific needs.

Wordpress WooCommerce Image: WooCommerce

To show you how quick and easy it is to set up your own WordPress WooCommerce online store, I’ll give you a guided tour and walk you through the basic steps.

Here’s what we’ll cover:

  • Choosing a fast and secure hosting environment
  • Installing WordPress
  • Installing and activating the WooCommerce plugin
  • Choosing the proper theme for your site
  • Importing the WooCommerce Dummy Data
  • Managing multiple WooCommerce installations
  • Adding additional protection for your online store

And in my next article, I’ll explain how to add products, configure tax and shipping options and other general settings within your online store.

1. Choosing A Fast And Secure Hosting Environment

When it comes to choosing a fast and secure hosting environment for your online store, the options are endless, but it is good to be extra picky when selecting a host to make sure your income isn’t restrained by the performance of your website.

If you are just starting out with a small inventory and expect limited customer traffic, you could get by with a budget, entry level shared hosting. Most shared hosts will give you the option of leveling up as your online store grows in size and traffic.

But if you are planning to launch a large online store, or one that is expected to scale quickly, you would be better off with a high-performance service provider.

Premium managed hosting is a good option for serious e-commerce stores because you would be hosted on a server that is optimized to load WordPress more efficiently. Also, managed hostings will come with experts who will be proactively monitoring your website and will be on hand should anything go wrong. This alone justifies the higher price tag.

In addition to that, there are several technical considerations to take into account:

  • Having a PCI DSS (Payment Card Industry Data Security Standard) compliant host guarantees that your provider takes security seriously and maintains it continuously.

  • Having a SSL (Secure Sockets Layer) certificate bundled within your hosting plan ensures the security for your website by encrypting communication between the server and the person visiting your online store. It’s required for all e-commerce sites that accept credit card payments online.

Plesk tip:
If you manage your host via Plesk, all these are taken care of for you. All Plesk users can get a free SSL certificate powered by Let’s Encrypt, and deploy SSL protection in a few steps. This means you don’t need to purchase your certificate separately and struggle with installation.

Plesk Extensions CatalogImage: Plesk Onyx – Extension Catalog

  • Make sure that your host support PHP 7, because it’s up to twice as fast as PHP 5.6, which means you’ll need fewer servers to serve the same amount of users. If your host supports PHP7, ask them how to activate it. For Plesk users, it’s just a click to enable PHP7 – here’s how.

  • Use a caching plugin to ensure that your site is lightning fast and improve your Google page rank. A slow site can push you down in Google’s rankings, and your website visitors might give up trying to explore your store if it takes too long to load.

Plesk tip: 
If you’re looking for a free, easy to install caching option, WP Super Cache is one of the best options out there.

With its huge amount of customization options, W3 Total Cache is also great if you crave total control over your plugin. If you’re new to plugins, however, this option may be a little too in-depth.

However if you just want a simple solution, WP Rocket is a good option, as long as you are prepared to spend a little money.


2. Installing WordPress

In this example, I’ll be using Plesk Onyx and the Plesk WordPress Toolkit to simplify the WordPress installation process.

The Plesk WordPress Toolkit is ideal for your WordPress WooCommerce store because it helps you manage your infrastructure and security, and also offers a ready-to-code environment, Let’s Encrypt, Free SSL certificates, CloudFlare CDN, DDoS mitigation, PHP7, and other powerful technologies. Most importantly for this case, it also offers a 1-click installation to install WordPress.

Plesk Onyx - Featured ApplicationsImage: Plesk Onyx – WordPress Toolkit

Installing WordPress in Plesk Onyx is as simple as heading to the applications tab on your control panel and picking a WordPress version to install, as seen in the screenshot above.

During the installation, like most common applications, a progress bar is presented, showing how far you are through the process. A few seconds later and everything’s done.

Wordpress Installation With Plesk OnyxImage: Plesk Onyx – WordPress Installation

In the screenshot above, you see the admin dashboard which is available immediately after WordPress has been installed. On the dashboard, you are presented with an overview of your installation where you can see key details, such as the site name, URL, administrator’s details. On the right-hand side, there are links to your key management options for configuring themes, plugins and security.


3. Installing The WooCommerce Plugin

Clicking Manage Themes or Manage Plugins from the admin dashboard immediately gives you the ability to install, activate, or delete a plugin or installed theme of your WordPress installations – as shown in the screenshot below.

Adding WooCommerce is as easy as 1-2-3

Click Manage Plugins > Install Plugin at the top of the plugin list and search for WooCommerce to install. Click on Install.

Wordpress WooCommerce installation Image: Plesk Onyx – Install Plugins

Plesk tip:
Plesk Onyx keeps everything in one location, making managing plugins ever so much simpler than in a standard WordPress installation.

  • To activate an inactive plugin, click the checkbox next to its name and click Ok
  • Want to disable a plugin? Uncheck it and click Ok
  • Want to delete a plugin? Click on the bin icon on the right

Manage plugins with Plesk OnyxImage: Plesk Onyx – Manage Plugins

Immediately after activating the plugin, you’re taken to the onboarding wizard. You can use the wizard, or skip it and manually set up everything. We recommend giving the wizard a go if it’s your first time using the platform. Let’s check it out together by clicking on Let’s Go!

WooCommerce Installation Image: WooCommerce – Onboarding Wizard

Page Setup

The wizard first helps to set up pages needed for an ecommerce online store, such as the shop page, cart page and checkout. Select Continue to automatically install pages.

WooCommerce page setupImage: WooCommerce – Page Setup

Store Locale

Next is your store’s location, currency and dimensional units for shipping calculations (cm, inches). WordPress WooCommerce automatically detects your location using your IP address and selects the country, currency and units. Confirm that the data is correct, and then select Continue.

Wordpress WooCommerce Locale SetupImage: WooCommerce – Store Locale Setup

Shipping & Tax

Shipping and Taxes can be enabled for your online store, if needed. If you enable taxes, further options will appear. Choose how to enter prices, with/without tax, and check the list of taxes WooCommerce will create for you (can change later). Consult a tax professional to ensure your rates are correct.

WooCommerce Shipping & TaxImage: WooCommerce – Shipping & Tax
Select Continue when you’re satisfied.


Finally, how you want to be paid.

WooCommerce payments setupImage: WooCommerce – Payments

  • PayPal powered by Braintree and/or Stripe — free, separate plugins we offer — are downloaded automatically from
  • If you enable PayPal Standard, enter an email address associated with that account.


The wizard is complete, and now you’re ready to start selling. The only remaining action is to add your products. Select the big Create your first product! button.

Or you can click through to access the setup guides and educational resources.

WooCommerce Plugin For WordPressImage: WooCommerce – Your Store is ready!

Plesk tip:
If you’ve skipped the wizard when you installed WooCommerce, you can run the wizard again. Go to: Help > Setup Wizard and select Setup Wizard.


4. Installing The Proper Theme For Your Site

Say you want to install the Storefront theme, designed and developed by WooCommerce Core developers, or its free child theme Boutique, designed for small WooCommerce online stores/boutiques.

In the pop-up window, look for Storefront, or Boutique and click OK. Your theme will be activated after a few moments.

Manage Theme for WooCommerceImage: Plesk Onyx – Manage Themes

5. Importing The WooCommerce Dummy Data

After you’ve installed WooCommerce, perhaps you’d like to see what your pages and products might look like. If so, WordPress WooCommerce has made some sample data available for us. Just right click and download it from here.

Plesk tip:
Dummy data contains products with images that will work with any theme. However, it doesn’t contain the same photos as the Storefront demo, as the demo uses proprietary photography.

From the WordPress admin, go to Tools > Import and select the WordPress option. If you don’t have the WordPress importer installed, first install it by selecting Install Now.

Image: WordPress – Tools

Once that’s installed select Run Importer, Choose file, and select the dummy-data.xml file you downloaded earlier.

You’ll then have the option to import a default author, create a new user, or assign the posts to an existing user. This is your decision to make, although we’d recommend assigning the posts to an existing user.

After that be sure to check or uncheck the Download and import file attachments checkbox, because this will import all the sample product images to your site if checked.

Click Submit and your dummy data will be imported. Congrats, you now have some sample data in WooCommerce to learn from!


6. Manage Multiple WordPress Installations

If you’d like to set up multiple online stores, or if you manage stores for multiple clients, then you should consider using Plesk Onyx to install and manage your all your WordPress installations. When you’re done, as in the screenshot below, you’ll see multiple sites in your WordPress installation list.

Image: Plesk Onyx – Multiple WordPress Installations

The main benefit of using Plesk Onyx for multiple stores is the flexibility to set up, configure, update and secure one store, a set of stores, or all your stores at one go, including for tasks such as security scans, audits, and updates.

In fact, Plesk also allows you to schedule tasks to occur automatically, which we’ll be looking at in a later post.


7. Adding Additional Protection For Your Online Store

Security is as important a topic as ever, so it’s essential to keep track of the security touchpoints on your online store.

If you use Plesk, click Secure under Manage Plugins on your control panel to configure settings for:

  • File and directory permissions
  • Directory browsing permissions
  • Security on the wp-contents and wp-includes folders
  • Security keys

Image: Plesk Onyx – Check Security

For instance, you can see in the screenshot above that my Security of the configuration file and Directory browsing permissions on my WordPress installation are no longer up to date. To rectify that, all I’ll need to do on my Plesk control panel would be to check the checkboxes next to each of them and then click OK. Plesk will make the appropriate changes and add a green tick when complete.

Should I want to undo this action, I can click Rollback, which will reverse the changes and restore my original files and settings.


Do you need Plesk?

Now, do you really need Plesk Onyx and the Plesk WordPress toolkit to set up your WooCommerce online store? Arguably, no. But I would argue that your time could be better spent managing and growing your business, than fiddling with technical updates and security settings.

Let me know what you think in the comments below. In the meantime, be well, do good, and stay Plesky!

Plesk now supports PHP 7.1.x

We’re pleased to announce that Plesk Onyx now supports the latest PHP version 7.1.1.

The update to PHP 7.1.0 brought developers a bunch of cool new improvements such as Catching multiple exceptions types or Nullable Types. For the full list of new features, head over to the official PHP release announcement.

In version 7.1.1, more bugs were fixed to make the PHP 7.1.x branch even more stable.

Planning to update?

Check your CMS version before updating Plesk PHP to 7.1!

Because there are several incompatibilities with the last version of PHP.  If you’re working with the three most used Open Source CMSs, the compatible versions are:

  • WordPress >= 4.7
  • Joomla! >= 3.6.4
  • Drupal >= 8.2.3

Plugins and modules are not all operational on PHP 7.1.0 so if you’re planning to migrate from 7.0 (or an earlier version) to 7.1, proceed with caution. You might want to try making a copy of your sites to try out PHP version 7.1 before taking it live if all goes well.

TIP: If you are using the WordPress Toolkit on Plesk Onyx, you will be able to easily duplicate your website and test the new version on the copy first in the next major version of the toolkit!

Check your version of PHP

On your Plesk control panel, go to Tools & SettingsPHP Settings.

PHP 7.1.1 - Plesk PHP Settings

Install PHP 7.1 in Plesk

Go to Tools & Settings – Updates and UpgradesAdd / Remove components. Select PHP 7.1 and click on the “Continue” button.

Plesk Php 7

After the installation process, you must activate the new version for your domains. Go to Websites & Domains, select your domain and click on the PHP Settings icon. On the next page, you’ll define the PHP version and other parameters, such as the memory limit or the execution time.

Plesk - Activate PHP version 7.1

Select the new version, set your preferred performance and common settings, and click “Save. If you’ve successfully updated your Plesk PHP version, you’ll see 7.1.1 under the PHP Settings icon.

Plesk PHP - version 7.1 activated

Note: As mentioned above, not all applications or plugins support the latest PHP version. If an application or plugin is vital to your website, be prepared to switch back to the last PHP version.

Now go forth and try the newest version of PHP, and enjoy the improved performance and decreased memory usage!

AutoScaling WordPress Docker with AWS

Autoscaling WordPress Docker & AWS

Do you run your website with WordPress? Ask yourself: “How many concurrent visitors can it handle?” What if your site is an e-Commerce?

According to Amazon you lose 1% of sales with every extra 100ms load time. Today, customers expect your page to load in less than 3s – in their browser – not on your server.

Can you make your site faster?

Making your website fast for one visitor is relatively easy – use NGINX with php7-fpm, cache static content (e.g. with varnish or Memcached). And if latency is an issue, because your visitors come from all over, use a CDN (Content-Delivery-Network) like CloudFlare or AKAMAI. Thus bringing your site as close to your users as possible.

All the above will substantially increase your website speed since pictures and videos will display immediately. Without having to travel long distances through the web. Bear in mind though, that JavaScript and CSS files also need to be loaded within milliseconds to make your website look sexy from the very start.

Pssst, now’s when we add the fact that the Plesk platform includes all these technologies. Enabling you to run your sites with unparalleled performance, – and in a few simple clicks too.

But if you expect lots of visitors on your website at the same time – which is what will ideally happen once your site becomes popular and successful – one server just might not be enough to handle all the requests.

Multiple server requests – what do you do?

You know when you’re at the supermarket and the line at the checkout is huge? If they’re service-oriented in any way, they’ll open a new checkout to distribute the load. What happens on a crowded Saturday when every last checkout is chock-a-block? People roll their eyes, sigh in despair and are suddenly very likely to visit a competitor next time. Not what we want, is it?

What about giving our customers a fast and reliable service? One which makes them leave with a smile and come back frequently, because they felt oh-so-well-served? Now we’re talking!

But how to tune WordPress to be able to handle massive parallel requests? That obviously requires several servers – like the checkout desks in the supermarket. But as seen in our crowded Saturday shopping experience, it might not be enough to simply add one or two servers. And adding 10 servers from the start could turn out tremendously expensive and ruin your business case.

Scaling your website works a lot like consuming straight from the power supply! If you have low traffic, you have low costs. When your traffic increases, infrastructure should automatically scale to handle the load. Ahhh bliss.

This procedure leads to correlated costs, which shouldn’t cause you any headaches, as more traffic means more business. In other words, if you play your cards right and scale, increased costs for your servers shouldn’t hurt your revenues. In fact, quite the opposite. And if your traffic decreases, your server-related costs will magically disappear too.

Excited to learn how all this funky stuff works?

Great! In order to make WordPress as fast as a bullet, we need to accomplish the following steps.

  1. Set up your own database server with enough power on a separate machine.
  2. Move all static files to a file storage which is faster in delivering files.
  3. Create a CDN in front of your site to bring at least static files close to your end users.
  4. Set up multiple servers with the exact same WordPress site (including configuration).
  5. Get a load-balancer and have it distribute the load between these WP servers.
  6. Depending on how you want to make updates on your site, you can either.
    1. redeploy all instances to ship all your changes (better performance).
    2. or you use a shared filesystem that all instances use (slower, but easier to update).

Ramp up new instances automatically

But the king’s class is to actually ramp up new instances automatically driven by demand and ramp them down again when not needed.

How to accomplish that?

We need an infrastructure that allows, managed via APIs and with the capability of auto-scaling based on events (e.g. “high CPU consumption alarm”).

In our example, we use Amazon AWS since it is the most popular Cloud Service Provider based on amount of web-facing servers with the largest ecosystem. But Microsoft Azure and Google Compute Platform also have their strengths and can easily compete with AWS. Just pick one and you’re good to go. Again, Plesk runs smoothly on all major Cloud Service Providers and is available as an app on the AWS Marketplace.

Before going into the APIs, we should decide how we want to deploy WordPress on the servers. We do not want to deploy manually – we want to let the infrastructure auto-scale for us instead – which means the auto-scaling component decides when to add or remove servers. We could use Chef, Puppet, Ansible or simple bash scripts for this task, but our preference is to use Docker to simply package our WordPress including our website content and configuration fully separated from the infrastructure. And then just put this Docker image on each server and run it as a container. With this approach it is super simple to configure all we need once and reproduce deployments as often as we want with no effort.

App instance - autoscale WordPress with Docker and AWS

How to build a Docker Image

To build a Docker image you first need to describe it in a Dockerfile. You can see the Dockerfile we’re using here. But to sum up, we build our image with the latest WordPress version by running:

 $ docker build -t janloeffler/wordpress-aws-scaler:latest . 

After building it, we need to push it to a Docker Registry – which is a file storage for Docker images. We use the official Docker Hub here:

 $ docker push janloeffler/wordpress-aws-scaler:latest 

You can easily run your image containing the WordPress locally to test it out. Be aware that you need to specify parameters, like database hostname and credentials.

 $ docker run -p 80:80 -p 443:443 -it janloeffler/wordpress-aws-scaler:latest 

Now we need to get more provider-specific since AWS, Microsoft Azure and Google Compute all have different APIs. And they all call their services slightly different. But in the following example, we’re using AWS.

Scaling – It’s all about APIs

AWS offers tons of REST APIs while each of them provides tons of API calls with again lots of parameters. Most of them are optional and can be used for flexible configuration. You can access these APIs either directly via REST http calls or by using the AWS CLI directly on your shell. For now. we’ll use the CLI in this example. Which is a wrapper for the REST API and thus easier to use for debugging.

For our super-fast auto-scaling WordPress we need the following APIs:

  1. EC2                             (to manage virtual servers)
  2. S3                                (to upload files to the file storage)
  3. S3api                          (to manage the file storage)
  4. RDS                            (to manage the database)
  5. ELB                            (to manage the load-balancer)
  6. AutoScaling              (to configure auto-scaling)
  7. CloudWatch              (to monitor load on our servers; required by auto-scaling)
  8. CloudFront               (set up the Content-Delivery-Network)
  9. SNS                            (notification channel between monitoring and auto-scaling)
  10. Route53                    (manage domains and DNS entries)
  11. IAM                           (manage access permissions of the infrastructure)

To give you an idea of the complexity – the EC2 API alone provides 210 API calls to manage compute resources on AWS.

To list all your EC2 instances in your AWS account you can simply run:

 $ aws ec2 describe-instances 

The result if all API calls is always represented as a JSON response. To automate AWS, you simply have to LOVE parsing JSON 😉

Since describing all required API calls would fill approximately 20 pages, we skip that and provide a solution to you that does the whole job of managing and auto-scaling WordPress with just 1!!! single command. Sounds awesome?

Plesk WordPress AWS Scaler is OpenSource

So good news – you can check out the Plesk WordPress AWS Scaler on our git! Here’s how you do it:


Autoscaling Using Wordrpess Docker & AWS

Just download the repo to your local machine by cloning it:

 $ git clone 
 $ cd wordpress-aws-scaler 

Now execute the Plesk WordPress AWS Scaler script to see its options:

 $ sh 

Plesk WordPress Scaler for AWS

You can adjust the configuration to your needs

  • WordPress Site Title
  • WordPress Admin Credentials
  • E-Mail Address
  • Domain Name
  • New Relic License Key (for application performance management)
  • EC2 & RDS configuration e.g. server sizes (here: instance types)
  • And much more

All these parameters are optional. And you can also create multiple config files for several WordPress sites in the same AWS accounts. To create a new Auto-Scaling WordPress, simply execute:

 $ sh create 

To update all instances with a new version of your site:

 $ sh update 

To delete it incl. its data and all depending resources:

 $ sh delete 

And if you’re interested in the technical details, just open the file in your preferred IDE and have a look.

Don’t have Plesk yet?

Get your free download here and try it out. You’ll get a code you can use for 14 days and an email with all the juicy details. After that, our team will be there to support you as you make your next steps for your workload or business. Happy scaling and stay Plesky!

HTTP/2 & Let’s Encrypt for WordPress

Let's Encrypt & HTTP/2 for WordPress

Our web blog is now meeting the latest security standards and making it HTTP2-ready is easier than you think. Here’s how we switched our web blog ( ) running on Plesk + NGINX to HTTPS and made it HTTP/2-ready with a free, SSL certificate from Let’s Encrypt. Before we get into the details a few things to start with.

Protocol enhancements like SPDY and HTTP/2 have narrowed the performance gap between encrypted and un-encrypted web traffic, with encrypted HTTP/2 outperforming un-encrypted HTTP/1.1 in some cases. Even more importantly, encryption is now kind of mandatory as Google announced that HTTPS is used as a ranking signal in search results, with HTTPS-enabled sites ranking above their plaintext counterparts. ‘Yes, HTTP/2 is awesome,’ I hear you saying, ‘but it requires HTTPS which, in turn, requires an SSL certificate – and those things cost money, you know?’ Well, here comes the sales pitch: Plesk, together with Let’s Encrypt, makes HTTPS setup a breeze and brings you a faster Web with HTTP/2.

Let’s see how we did it.

HTTPS & Let’s Encrypt

First,  issued a free trusted certificate from Let’s Encrypt with automatic renewal and set it up for, hosted on Plesk 12.5.

There are many manuals available online talking about how to install an SSL certificate on Linux so you might have already seen rows upon rows of command line calls, lists of changes to configuration files, and even instructions for building additional utilities. Well, we decided to make our life easier and just used the Plesk “Let’s encrypt” extension that enables Plesk users to issue and install certificates with auto-renewal functionality in the Plesk UI with just a few clicks.


You can find the details in one of our previous blog posts here: After a few clicks we were done and had a free, trusted SSL certificate installed on Let’s enable HTTP/2 next.


HTTP/2 is the second major version of the HTTP network protocol used by the world wide web.

Ratified in May 2015, HTTP/2 was created to address some significant performance problems with HTTP 1.1 in the modern web era.

  •  HTTP/2 is supported in NGINX web server starting from version 1.9.5.
  •  Currently, HTTP/2 is supported by all major web browsers.
  •  Your sites do not require any changes to get the HTTP/2 advantages.

Now, HTTP/2 is available out-of-the-box for all Plesk 12.5 customers!

Sounds good, doesn’t it? Let’s move on.

First, you need to make sure that the latest Plesk update, Plesk 12.5.30 Update#28, is installed. We don’t, because  we have auto-updates enabled on the server and  recommend you enable them too. Then, we logged in to the server via SSH as root, and ran the following command line utility:

#/usr/local/psa/bin/http2_pref enable

That’s all it took to empower our HTTPS sites with HTTP/2! If you’re not sure about your websites go to to check for HTTP/2 compliance. 


Detailed User Instructions for enabling HTTP/2 in Plesk can be found here:

If you’d like to get a second opinion, you are welcome to use the “HTTP/2 and SPDY indicator” extension for Google Chrome, found here.


We have now secured the connection between the server and the website. Next step is to configure our WordPress site to only use HTTPS. This required a re-configuration of WordPress settings to replace all http:// links inside the WordPress database with  https://. If you fail to do so you will continue to receive “Mixed content warnings” for previously uploaded content:

  1. Go to the WordPress administrative interface and change both “WordPress Address” and “Site Address” to use https://
  2. Set-up a redirect for all http:// requests to https:// for the respective website.

Screen Shot 2016-04-15 at 11.14.43

Next step was to change the links inside the WordPress database. There are a lot of possible ways to do it, starting from direct SQL queries to wp-cli. We decided to do it via the WordPress interface using the “Better Search & replace” plugin, which can either be installed from the Plesk interface or from the WordPress Administrative interface.

This plugin helped us to find all matches for “” in the WordPress database and replace it with ““. This plug-in allows you to only find but also find and replace if you with to do so.

Last but not least we had to redirect all http:// requests to the https:// counterpart of our blog using the Plesk interface. We went to Websites & Domains , selected, and then “Apache and nginx Settings”

to set-up the redirect in the “Additional nginx directives” section, like this:

if ($scheme = http) {

return 301 https://$server_name$request_uri;



That’s it! Now, all browser requests to are redirected with the 301 code to, and that’s just what we wanted.

On a separate note…. .

Load speed test with shows that the transition from non-SSL HTTP to HTTPS + HTTP/2 has little impact to the site load speed.

In return, we now have a secure connection with a nice green trusted SSL certificate,  including better indexing from Google for free 🙂

By the way, we did not stop with the DevBlog – actually, the new Plesk website ( – check it out!) was built on Plesk 12.5 [+ WordPress Toolkit] + WordPress.

Have a nice day 🙂