Skip over navigation

Contact us to learn more about OroCommerce's capabilities

lear more

Developers' Digest

[Free Guide] How to Build a Reliable and Secure Infrastructure for OroCommerce

January 23, 2018 | Oro Team

While it’s still quite early in the year and the operational loads are not as high as during the insanity of Christmas sales, January is just about the best time of the year to review your systems and infrastructure against the best practices, your projected (and budgeted) needs and potentially new legal requirements.

To help you with this we have prepared and are now releasing this Reliable and Secure Infrastructure for OroCommerce guide to cover the basics to look out for.

The main valuables you will find in the guide are:

  • How to estimate workload and data size, which parameters need to be taken into consideration, which aspects the workload is going to depend on and how to plan the capacities accordingly;
  • Basics of making your systems reliable and scalable, which platforms and components have proven to work well with OroCommerce, what are the best ways to secure both scalability and availability and more;
  • Monitoring your operations, the scope of monitoring that is an industry must (spoiler: it will range from performance to security incidents), tools and platforms to build an adequate monitoring system and things to look out for when monitoring;
  • How to make your deployments secure from the start: although Oro closely follows the Open Web Application Security Project (OWASP) recommendations at all stages of the deployment and the standard deployment is designed to work with the payment gateways riding our customers from having to store any cardholder data, we would still like to make a few recommendations you will find useful.

Additionally, as the cherry on the cake, especially valuable for those planning or auditing the eCommerce deployments, we’ve thrown in Sample Deployment Configurations. In this section, you will find three sample deployments you could use as a baseline if you are just planning your infrastructure, or match against if you are auditing or looking to improve.

The three Sample Deployment Configurations are: 

  • Minimum Deployment Configuration – a basic config which can be used for planning and budgeting your infrastructure at the earliest stages of your eCommerce project, when you have relatively low traffic or you are just testing the concept).
  • Scalable Deployment Configuration – this option is recommended for scalability from the start if you require support for huge catalogs or you plan to quickly expand to multiple localizations and sub-brands.
  • Secure Deployment Configuration is similar to the Scalable Configuration, with one difference: every component of the system is moved to a dedicated subnet, which will mitigate the possible intrusions by isolating tiers from one another.

We hope you will find this guide useful. Should you wish to share your own best practices, or discuss other infrastructure variations, please drop us a line in the comments below or at our forums.

Back to top