157 results found
-
Manage email suppression list
Allow the management of the email suppression list to which email addresses are added after multiple failure to send email.
Currently there is no visibility to this list.1 vote -
Captcha functionality
Please note: this idea required splitting so that various points may be addressed as information becomes available.
New request:
Captcha functionality - when users initially come into the site or users are starting an order or users are entering credit card information
Original request:
Please help with implementing below security features ASAP. There are so many frequent attacks on the website that causes the websites to go down.
- Geographical Rate Limiting - Add rules with rate limiting for traffic outside of specific countries (Challenge beyond the primary range/limit and block beyond the secondary range/limit)
- Basic Rate Limiting - Can we…
4 votes -
Enable Cloudflare's leaked credentials detection
Please note: this idea required splitting so that various points may be addressed as information becomes available.
New request:
- WAF compromised credentials check
Original request:
Please help with implementing below security features ASAP. There are so many frequent attacks on the website that causes the websites to go down.
- Geographical Rate Limiting - Add rules with rate limiting for traffic outside of specific countries (Challenge beyond the primary range/limit and block beyond the secondary range/limit)
- Basic Rate Limiting - Can we add a rule with rate limiting to block DoS attacks
- Bot Protection - Challenge suspected bots to confirm user…
4 votes -
Bot prevention measures
Please note: this idea required splitting so that various points may be addressed as information becomes available.
New request:
- Bot Protection - Challenge suspected bots to confirm user authenticity
- Bot detection with javascript to identify headless browsers
- Any other WAF rules to protect the website from anonymous usage and attacks
Original request:
Please help with implementing below security features ASAP. There are so many frequent attacks on the website that causes the websites to go down.
- Geographical Rate Limiting - Add rules with rate limiting for traffic outside of specific countries (Challenge beyond the primary range/limit and block beyond the…
4 votes -
Website Stability via Rate Limiting
Please note: this idea required splitting so that various points may be addressed as information becomes available.
New request:
- Geographical Rate Limiting - Add rules with rate limiting for traffic outside of specific countries (Challenge beyond the primary range/limit and block beyond the secondary range/limit)
- Basic Rate Limiting - Can we add a rule with rate limiting to block DoS attacks
Original request:
Please help with implementing below security features ASAP. There are so many frequent attacks on the website that causes the websites to go down.
- Geographical Rate Limiting - Add rules with rate limiting for traffic outside of…
4 votes -
Make Wishlist Item Line Note Searchable within the Wishlist Search Bar
Problem Statement:
As a frequent user of Lists within the site, I need to find items based on custom information I have added to the Line Note within the List so that I can be sure I am ordering the proper item.Proposed Solution:
Allow for the user to use the existing search field within Lists to find text within the Line Notes of items in the list. Customers will often put Ordering Details, Stocking Data, or even Custom Part Numbers within that field so they can be clear about what is ordered. But, those notes are not searchable, so…1 vote -
Control Panel Scheduler Must take Time Changes into account without re-scheduling jobs twice a year.
1) Goals
• Users can schedule jobs using their local date/time and time zone, and the job will run at the correct absolute instant even across DST and zone changes.
• This must take into account Daylight Savings time changes in the Spring and Fall
• The current Opti control panel only allows one time zone to be used (UTC). Need the ability to handle more than one.
• User should not have to manually re-schedule jobs two times per year when clocks change
• Admins and integrators can display and manage schedules in any time zone, and any time…3 votes -
Reintroduce or Provide Alternative Method to Restrict Access to the Admin Console in Configured Commerce (V3)
As part of our recent internal security audit, we identified a vulnerability related to unrestricted access to the Optimizely Configured Commerce Admin Console.
In the legacy V1 architecture, administrators could restrict Admin Console access by domain or IP range using configuration updates (as described in the Optimizely documentation: https://docs.developers.optimizely.com/configured-commerce/docs/restricting-access-to-admin). However, in the V3 architecture, this capability is no longer supported or configurable within the managed environment.
Our support engagement (Ticket #1788512) confirmed that this feature was not migrated to V3 due to complications with the impersonation feature and has since been deprecated. As a result, customers currently have no…
1 vote -
Disable Weak TLS Cipher Suites (CBC-mode Ciphers) in Managed Commerce Environments
As part of a recent internal and third-party security assessment (conducted by Optiv Security), our organization identified that our Optimizely Configured Commerce production environment (www.whitecap.com) currently supports weak TLS cipher suites, including CBC-mode ciphers.
These ciphers are considered outdated and potentially vulnerable to known cryptographic attacks (e.g., Lucky 13 and BEAST). Security best practices and compliance frameworks (such as PCI DSS, NIST SP 800-52r2, and OWASP guidelines) recommend disabling weak or deprecated cipher suites and enforcing stronger ones such as AES-GCM or CHACHA20_POLY1305 with TLS 1.2+ only.
During our support engagement (Ticket #1789304), the SRE team confirmed that…
1 vote -
Export product list from a category
In PIM: I want to export all products that are assigned in a certain category. For example, I have category A with 300 products, and I want to export these 300 products in category A. As for now, when I'm in category A in PIM and click on "products" I get the listed products assigned to category A, BUT I can't export them in a excel list or other files types.
1 vote -
Many customers change their SKU and it's not really supported in Configured Commerce
We have several client which rename SKUs in their ERP instead of deactivating and create a new one for multiple reasons. Recently one of them ask us to create a "Master UID" for them to map and update our products, but this field is internal only and not visible to the customers, so it's an internal ID used between the ERP, PIM and Configured Commerce to update the product.
Can such a field be added and could be used as an alternate natural key to simplify everything? Seems to us like a common issue.
2 votes -
Ability to force website users to sign in
When Remember Me/Keep Me Signed In is enabled for the website, and the user selects the Remember Me/Keep Me Signed In option when signing into the Website, there is nothing that forces them to sign in again if their role has been changed. They can return to the website based on their cookies, even though their role has now been changed (example: from Buyer3 to Buyer1). As a result, they can place an order without approval.
Please implement a function to force website users to sign in again when their role has been changed.
5 votes -
Increase job's parameters to nvarchar(max)
Increase job's parameters to nvarchar(max) so we can have larger values such as JSON. We are using custom properties to suit our needs, which is not the best approach.
Tables:
IntegrationJobParameter
JobDefinitionParameter
JobDefinitionStepParameter4 votes -
PIM - History details not shown for latest changes on produts
I'm not able to see the latest change history details for some products.
There are two panels with history lists, one to the left and one in the middle under the "history" tab.The list to the left only shows the latest change on the products but I'm not able to click on it to see the actual change that has been made. I can only see the product status and the date of the change.
On the other hand, the history list in the middle has a drop down where I can click on the different history versions and…
0 votes -
website users filteraccessible fields
We need to show assigned customers and roles as column/exportable fields from the admin console. these fields could be delimited as possible multi value but currently cant access those fields at all without going into each individually
3 votes -
Order checkout rules
We received requests from several customers that their business required users to fulfill certain conditions before they can checkout. For example:
- Minimum order amount.
- Shipping carrier is required.Please implement the capability of creating checkout rules to provide customers with controls over their incoming orders.
2 votesThank you for submitting this request! We have added this item to our backlog for future consideration and prioritization.
If there are more details regarding the desired experience for these storefront customers who do not meet the rules that would also be appreciated.
Would there be a goal to encourage users to shop their MyLists or have selection of recommended products for example or would the desire be to simply disable the ability to checkout with appropriate messaging as to the rule that needs to be met to continue?
-
Configured Commerce - CMS - Basic Button - Link Type
Please refer to ticket # 1757749.
When setting a specific URL as the Destination, the Basic Button element does not support language-specific URL(s) in this use case, although language-specific variants are set.
This is a design flaw that needs to be addressed. If customers have different language variants, there needs to be proper URL mapping in the back-end.
We can use Rich Content as workaround, however the point is work efficiency, CMS Basic Button being quicker to add to pages.1 vote -
PIM - User Roles Don't Work
Optimizely confirmed the existing PIM roles do not work but asked me to enter it as feedback instead of a bug. A user must be an Admin to update an image, which is not optimal. There are existing PIM roles with Edit permissions for items and images, but they do not work. Fix the existing roles, or custom roles and permission so a user doesn't have to have full admin authority to edit an image or an item field.
2 votes -
Change default (list / msrp) price to match alternate unit of measure
When using real time pricing we are locked into one list / msrp price. when a user changes to an alternate UOM the sale price will change but the List price remains static and no longer matches what the user is buying.
1 voteThank you for submitting this feedback, can you advise if you've sent this through our support system to review the example in more detail?
We would want to have the 'msrp' calculations reviewed, as well as the connecting out of the box property being used or if there are customizations affecting this display.
-
Optimize Wishlist Updates: Refresh Line Item Only, Not Entire Page
Optimize Wishlist Updates: Refresh Line Item Only, Not Entire Page.
Current Behavior (for customers using live inventory and price via API):
In Configured Commerce, when a user updates a product within a list or quote (e.g., changing quantity or removing an item), the entire list page refreshes. This results in longer load times and a less efficient experience, particularly for large lists.Requested Enhancement:
Modify list/quote functionality so that updates apply only to the specific line item being changed, rather than forcing a full list refresh (must also adjust the product total). Ideally, this would be handled via an asynchronous…2 votesThank you for submitting this request! Currently in order to handle the complexity of keeping the data consistency between the My List Details and My Lists Page(s) across the wide customer base we require resetting the state after updates on the line item(s) within Lists.
While we do not have any changes planned to alter this behavior on base please feel free to continue sharing feedback and impact.
- Don't see your idea?