Just X-Cart Australia offer 3 different webmail email clients for managing your mail. Below are the instructions for each one with regards to successfully permanently deleting email off the server. If you are exclusively relying on webmail for your email in order to avoid exceeding your mailbox quota and thus having your email bounce, we strongly recommend you correctly configuring webmail with regards to deletion of email.

If you are relying on a combination of webmail and local email client, or exclusively on an email client like Outlook or MacMail, please also read the article Deleting Mail from the Email Server: Using Your Local Email Client >>

Log into your webmail account

From left-hand navigation click on Options >> Mail >> Deleting and Moving Messages

On the next screen you need to do 3 things:

Tick the box that says “When deleting messages, move them to your Trash folder instead of marking them as deleted?”
From the drop-menu header ‘Trash folder:’ select the option ‘Trash’
Tick the “Display the ‘Empty Trash’ link in the menubar?”

Then click on ‘Save Options’

Your webmail is now set up that when you delete items from your Inbox by ticking the box next to an email you want to delete, that email will now go into the ‘Trash’ can.

From here you can either go into ‘Trash’ if you have accidentally put an item in there you actually want, and thus you can ‘move’ that email back into Inbox or the desired folder within Webmail

or

if you are confident that everything in the ‘Trash’ can be deleted then you can click on the ‘Empty Trash’ icon at the top of the page.

It may seem like double-handling, that when you delete an item it doesn’t get completely deleted off the server, but it gives users a chance to realise they have deleted an email by accident before it disappears for good. A bit like windows recycle bin.

Unlike other webmail Horde, you don’t have to set up anything from the onset as this mail client is already configured to move deleted items to ‘Trash’ with then the option of full deletion thereafter.

Open SquirrelMail

When you have an email to delete simply tick the box next to that email, and click on the ‘Delete’ button. By default the ‘deleted’ email is always forwarded to the ‘Trash’ can.

In order to remove the email completely from the server, you simply click on the word (Purge) to the right of the ‘Trash’ link.

Roundcube is set up to immediately forward ‘deleted emails’ to the Trash however initially the webmail client is set up to force you to manually go into Trash, highlight the actual email in the Trash can, and then click on the ‘Delete’ icon.

If you would like to automatically have your ‘Trash’ deleted fully from the server upon logout, simply go to Personal Setting >> Preferences
and scroll down and tick the box that says “Clear Trash on logout”.

* Warning: in setting up the Round Cube preferences like this you will not be able to retrieve any mail accidentally put in the ‘Trash’ can once you logout so be sure that no wanted email is ‘deleted’.

You can avoid storing mail permanently on the server, thus resulting eventually in exceeding your mailbox quota for your email account, by setting up your local email client correctly.

If using webmail we recommend you read “Deleting Mail from the Email Server: Using a Webmail client”

Outlook / Outlook Express

(1) Go into the Email Accounts section, select the email address, and then go through to the ‘Advanced’ screen

(2) Under the ‘Delivery’ section, by default, it will be set not to save any email on the server. Alternately you can set things up to save emails on the server based on certain conditions such as a specific time period in ‘days’ that mail will be kept on the server, or instead based on when you delete the email from your ‘Deleted Items’ folder.

Threats to a server can come from many different locations and one of these is when files are uploaded to a site.

We have always been a leader in the field of server security and on more than one occasion have been the first company in Australia to incorporate new security scripts and measures on our servers.

In line with this are very pleased to announce a new measure that is available to secure against infections arising when uploads are made to a site / server.

Click here to read our article

(1) Meta-data:

Ensure all pages of your site have meta data eg relevant titles, descriptions and keywords. There are a number of SEO tools available that can check keywords density, title and description relevance to page content etc. It takes time to get the right balance and have the meta data and actual page content have relevance, but the time you invest with certainly be worth it.

(2) Images:

Put text/alt tags on images throughout your website. Not only does it provide additional descriptions and information to customers, but it also assists Google to understand better what you page is about and also assist screen-readers to more effectively analysis your website, making it much more user-friendly.

(3) Content & Internal Linking:

Write up a keyword rich homepage introduction to include the words relative to your products/industry + links into your cart categories and directly to your products.

(4) Google Stuff:

• Click here for the one-stop shop for Webmaster resources
• Click here for webmaster guidelines. These tips will assist Google to find, index and rank your site
• Create a site map – click here to generate your site map online
• Create a Webmaster acccount so you can add site maps, manage robot text files and more.
• Create a Google Adwords campaign focusing on keywords that people are looking for and be willing to pay more than necessary on the keyword/s for 1-2 months. Once you start getting the click-thru history then you can knock the cost back to less. Click here to sign up.

(5) Forums:

Find forums that you can give your professional opinion on. Don’t just go into the forum and tell everyone to come and visit your site – this is not the objective. Instead, find forums that you can assist others with your knowledge. Take the emphasis of trying to promote your business, and place it on actually answering a question to the best of your ability. Ensure, however, to put your website URL in your signature so that when you do post comments to a forum with your answer goes up your web address.

(6) DMOZ Submission:

Sign up in the DMOZ directory – http://www.dmoz.org/  (ensure to drill down into the specific category, one only, that you want to be listed under, then click on ‘Suggest URL’ from top of page)

(7) Resources/Links:

Actively seek to place your link on sites with good pagerank, or that are popular and within your industry type. We strongly advise against link-farms and simply exchanging links for the sake of it. You can also place on this page links to other sites that you feel your visitors may find useful. Ensure to have written into your Privacy Statement however that all external links are provided to them as a courtesy and that you are not responsible for the content or activities of the business etc should your customer visit the links.

(8) Be Proactive:

Make regular changes, updates, add pages to your existing website. Add pages but do not delete existing ones, not change the actual names of the pages. All pages of your site has ‘history’ attached to them and if you delete pages, or change their names that ‘history’ is lost.

(9) Constant Contact:

Keep in contact with visitors to your and customers. Provide the option of subscribing to your newsletter on your website and then use that email addresses provided to notify site visitors of everything happening in your business, from the launch of new products, upcoming events, specials, sales etc. Whether it be a weekly or even monthly newsletter, the aim is to keep your web address clearly in their minds – and what better way than via their inbox!

(10) Monitor your site:

How can you possibly know what is going on with your website if you don’t actively monitor what’s going on with your website! X-Cart comes inbuilt with a variety of statistics and analysis tools, however, if you really want to view your websites activities get yourself a program that enables you to see where people are coming from, what are the most popular pages, how many ‘unique’ visitors have visited, how did they get to your site eg by search engine search term, adwords link, or other referral link, and the click-path they took through your site. All of this information is invaluable to see how your website is going. In conjunction with monitoring software/tracking script, keep you own journal of keywords and how you are ranking in the search engines. Just put together a spreadsheet and list down the keywords you want to rank well in. Then weekly take the time to actually type those keywords into Google and see where you are positioned. The only way to tell if you are improving is to check if you are actually improving! If you are, keep doing what you are doing. If not, then at least you are aware that things need to change in order for your search engine success to change.

(11) Add a Blog:

Just like the forums, a blog can be a fantastic place to provide resources and information to your customers and site visitors. It can also encourage regular interest in your site, resulting in repeat visits from people just to see the latest news, review and information you have on your blog.

(12) Reward your customers:

Have incentives to encourage repeat patronage ie all first-time customers you could send a $10.00 gift certificate to – they would have to either come back themselves to redeem it, or forward it on to another person – either way you get another sale, even if you loose $10.00 on the sale itself.

Have ‘special offers’ or bonuses such as free shipping etc, especially o Special Occasions such as Mothers Day, Fathers Day, Valentines, X-Mas, Easter – basically utilise all the special times of the year as a good excuse to have a special, have a sale, have a bonus offer etc  

(13) Social Networking:

There are numerous places on the internet where groups of people gather these days, that form the perfect marketplace for promotion of your business. As such it would be within your best interest to take advantage of such places including:

• Twitter
• MySpace
• Facebook
• Skype
• MSN

You may not understand much about such social networking sites however even a little knowledge and utilisation of these sites can increase traffic to your site, resulting in sales from strangers that are now your new customers!

And even if you don’t have the time, knowledge or inclination to do anything with social networking right now, we strongly encourage to go and secure your social networking identities for future use – if you don’t you may very well find that your competitors!

 Here is how to create a post or article into your newly created Categories.

 Diff file (or a patch) is a file ‘describing’ changes which needs to be applied to the file. In UNIX world diff files are a standard way to apply changes/fixes to a program source code. There is a special program called ‘patch’ which reads diff files and applies the changes to the source code. 

In everyday use diff files are frequently called ‘patches’ which may sometimes cause confusion. 

An example of a diff file:

Code:

Index: admin/category_modify.php 
@@ -160,7 +160,7 @@ 
       db_query(”update $sql_tbl[categories] set category=’$category_name’, description=’$description’, 
meta_tags=’$meta_tags’, avail=’$avail’, order_by=’$order_by’, membership=’$cat_membership’ where 
categoryid=’$cat’”); 
       db_query(”UPDATE $sql_tbl[categories] SET membership=’$cat_membership’ WHERE category LIKE 
‘$category_name/%’”); 

-       db_query(”UPDATE $sql_tbl[categories] SET 
category=CONCAT_WS(”,’$category_name’,SUBSTRING(category,”.strlen($old_category_name).”)) WHERE category LIKE 
‘Books/%’”); 
+       db_query(”UPDATE $sql_tbl[categories] SET 
category=CONCAT_WS(”,’$category_name’,SUBSTRING(category,”.(strlen($old_category_name)+1).”)) WHERE category 
LIKE ‘$old_category_name/%’”); 
   } 

#

We suggest three methods for patch installation.

During internal audit activities we found a moderate security issue that makes X-Cart potentially vulnerable to attackers who wish to gain access to the application back-end.

The following security improvement has been included into this update: -

- protection from XSS attacks.

SEVERITY:
Moderate

IMPACT
Malicious users may inject an active content (for instance: JavaScript) into the application to fool users in order to gather data from them.  An attacker can steal the session cookie and take over the account, impersonating the user.

AFFECTED VERSIONS
All X-Cart versions

SOLUTION
We strongly recommend you to apply the security fix to secure your store.

To apply this patch, follow the instructions below:

1) Download the security patch (the security-patch-2009-08-04_***.tgz archive file, e.g. security-patch-2009-08-04_4.2.2.tgz) from the “File area” section of your HelpDesk account.

You can find the patch by the following path:
* For X-Cart 4.2.2 version:
X-Cart -> X-Cart 4.2.2 (current version) -> Updates and patches

* For all the other versions:
X-Cart -> X-Cart supporting files for prev versions -> {Your X-Cart branch} -> {Your X-Cart version} -> Updates and patches

2) Decompress the archive file.
The following folders will be extracted:
/DIFF-xcart – contains DIFF files to patch customized X-Cart files
/xcart – contains the X-Cart files with fixed vulnerability.

Note:
DIFF file is a file containing the difference between two files. In our case the DIFF file contains changes made to the current file by comparing it to a former version of the same file.

There are 2 ways to install the patch:
a) place the fixed files over the current ones;
b) manual installation using DIFF files.

3) Back up the corresponding files in your X-Cart before patching the store.

4) If the files from the xcart directory are not modified in your X-Cart, you may use the first method of applying the patch. This
way the files from the patch will overwrite the same files in your X-Cart.
You should copy the files from the patch into your X-Cart installation via FTP or another tool that you
usually use to manage files on your web-server. The copied files will replace the original ones that contain
the vulnerability, thus it will be fixed.

NOTE: The patch will overwrite the files completely, i.e. they will become default. If you made any
changes or customizations to the files, make sure you re-implement the changes after the patch has been
applied, or just install the patch manually.

5) If the files have been modified, it is recommended to apply the patch manually using DIFF files. This way you will keep your modifications intact. 

ATTN: In case you are running X-Cart 3.3.x and earlier, please contact our tech support directly. 

If you have any questions or concerns, please do not hesitate to contact Just X-Cart

Please note: all the issues fixed by the current patch have already been corrected in the newest X-Cart 4.3.0 version.

 Gift Certificate bug-fix

With the release of NABTransact externally hosted payments page recently, we have discovered a small bug whereby the NAB gateway will not recognise gift certificates monetary values when placed in the cart. This glitch causes the order to fail once it leaves the cart and attempts to process the order with NAB’s gateway.

Our developers have, however, investigated and rectified this issue.

Please contact Just X-Cart Australia if you have the first release of the NABTransact payment gateway add-on and we can supply you the file you require to fix the issue.

Dear Just X-Cart client,

As part of our server maintenance, we will be performing a range of upgrades and security checks on your server in the next few days. There are a range of changes and enhancements so I will explain them individually. These include:

KERNEL UPGRADE

The kernel on your server will be upgraded this week and a reboot will be scheduled for 10pm AEST on Saturday 30th May to apply the kernel. The reboot should only take a few minutes to perform.

APACHE/PHP UPGRADE-SECURITY ENHANCEMENT

Apache and PHP will be upgraded on all servers that are currently running older versions to Apache 2.2.11 and PHP 5.2.9, some security adjustments to Apache and PHP will be made, including the introduction of Suhosin, a PHP hardening module to the server. Most changes should cause no effect to client sites however there could possibly be a few sites with older scripts etc that may require adjustment. If anyone has any issues please contact us immediately.

SUHOSIN – HARDENED PHP

Suhosin is an advanced protection system for PHP installations. It is designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core and on our cPanel servers will tie directly into the Firewall system to block offending users illegally accessing scripts on the server.

We have a well developed ruleset that we have been running and testing on our cPanel hosting servers for some time now and we believe the settings we will be applying will cause no issues to any clients, however if any issues please open a ticket at the helpdesk.

EMAIL SPAM ENHANCEMENTS

In a bid to reduce spam and to enhance email security cPanel has introduced SPF records and Domain Keys to the mail system and we strongly advise all clients to login to cPanel and enable these functions. Details about SPF records can be found at http://www.openspf.org and information on Domain Keys at http://www.dkim.org.

Clients can access and enable these functions by clicking on the Email Authentication link in their email hosting cPanel (X-Mail). See your ‘Welcome email’ for email hosting console link and your username and password.

FTP SECURITY

We have found an increasing amount of websites, in particular insecure PHP websites, being infected with Javascript and other related worms, trojans and hack attempts. A lot of these are caused by insecure scripts, which should be checked and upgraded or secured where possible, however an increasing amount of people are having these sorts of hacks caused via insecure FTP connections.

We strongly advise clients to either set their FTP programs to use secure FTP (FTPS) which is accessible on port or to use SFTP on port 22351 to ensure security of uploaded content. 

Clients will need to check their FTP programs to see what options they have available to them.

Further to this, despite previously recommending Filezilla to clients, we now advise against using Filezilla FTP client as we have seen a number of clients report connection issues. A number of people have issues with Filezilla and the global connection setting when they upload it causes too many simultaneous connections and they get blocked by the firewall.

Try using another FTP client such as:

• CuteFTP
• FireFTP add-on for Firefox Browser
• Fetch for Mac

Kind Regards,

If anyone has any queries or concerns, or find your site experiencing any problems, please do not hesitate to contact us for assistance.

Kind Regards,
Natalie Verhoek
Head of Technical, Data & Training

If you are hungry, you could go to McDonalds - If you are wanting to have some fun, you could go to Disneyland.

Of course, everyone knows who McDonalds and Disneyland are but how did they become so well known? 

 If one needs a hammer, he would go to a hardware store.
If one needs pain killers he would go to the drug store. 

And you may now say in return that everyone knows what hardware and drug stores are for.
But what would you do if you do not know where to look for something?

One option is to just walk along the street and ask the first man you meet to point you the right way.

But, the world of the Internet differs from real life, but there’s something in common.

There are site-giants like: YouTube, FaceBook or eBay on the Internet, just like McDonalds and Disneyland in real life, and everyone goes there and always finds what he expects.
If you don’t know where to go you can always ask Google and it points you in the right direction.

However, a user can surf the web at random for years and never come to your site if no one on the Internet, even Google, knows about it.

And the main question is: how do people know where to go if they need what you sell on-line, who will point them the right way?

And it is SEO you can utilize to carve the visitor’s way from the browser right to your site.

• Thus a distant aim of SEO is to make your site as popular as possible in your industry, like McDonalds is in the restaurant fast food business.
• A more material reason is to let the other know about your site so that people wandering in the Internet can run into your site.
• But the most important goal is to make sure that people looking for something special are told where to go and the place they are directed to is YOUR SITE.