Illiterate revisions and incorrect configurations often lead to errors that cost site owners thousands of dollars. A notable case is when an owner of a flower shop lost thirteen thousand dollars in a single day. On Valentine's Day, their site on Bitrix was down. It turned out that a third-party developer acquired administrator rights and accidentally made fatal changes to the source code. Below are 14 interesting bugs that led to financial losses, reputation damage or other issues.
How Lebedev was almost hammered into trouble
This is a story about an avatar bug, exploited by the designer Artemy Lebedev. LiveJournal users uploaded large images to the site and then cut them using the website's settings. A person could take a photo in the bathroom, half-naked, and then crop it. Artemy exploited a bug that allowed the reader's full userpic to be shown in the post. As a result of the exploit, the original photo was shown, accompanied by obscene annotations and active discussions between hundreds of users. The man didn't understand how he deserved such a level of attention from strangers. Consequences? Artemy almost got hit in the face on the street.
What is 1C-Bitrix?
1C-Bitrix is a ‘boxed’ site management system. CMS offers packaged solutions for e-commerce. Simply put, you can quickly launch an online store, an advertising campaign, a corporate website, services and portals through the use of this CMS. All the popular functions are built into Bitrix.
1C-Bitrix software packages
The company offers ready-made modular solutions for various types of sites.
- 1C-Bitrix: Site Management – a CMS for online commerce.
- 1C-Bitrix: the Corporate Portal is a product designed for the administration of large companies.
- Industry products. Typical configurations created based on the Bitrix Framework: healthcare, a portal for a state organization, a website for an educational institution, and more.
- 1C-Bitrix: enterprise is the most expensive product designed for creating and managing very large projects.
What is the Bitrix Framework?
The Bitrix Framework is the core that contains various solutions and their settings. The webmaster or administrator can disable certain functions in the module, as well as configure the module for the needs of the company. In addition, after buying a license, Bitrix offers out the source code, which allows third-party developers to improve the product. Therefore, any two sites on Bitrix can be strikingly different from each other. The quality and performance of sites using the engine directly depend on the experience of programmers and webmasters.
Junior developer on the production server
On the first working day, Junior set up the local environment according to certain instructions, in which, he found accesses from the production server. After running commands to fill the database with test data, all data from the production database was deleted, because the employee used accesses from the instructions, and not local ones. Then, it turned out that the database could not be restored from backups. The employee was fired on the same day.
Basic functions and ‘features’ of 1C-Bitrix
Depending on the cost of the basic product, the functionality of 1C-Bitrix differs. Consider the ‘1C-Bitrix Business’ bundle.
01 | Yandex.Market | Unloading of goods in Yandex.Market | |||
02 | CRM | Customer relationship management | |||
03 | 1C | Store exchange with 1C in real-time | |||
04 | Multi-folding | Managing balances in various warehouses | |||
05 | Business processes | Task management and automation of business processes | |||
06 | A/B testing | Testing new templates and their impact on conversion | |||
07 | Full-text search | Search for a page by content, taking into account the morphology of a given language | |||
08 | Discounts and product marketing | Setting up promotions and discounts by time and product categories | |||
09 | Report designer | The owner receives a report on sales, products, customers, and balances | |||
10 | Conversion tracking | Shows where the client came from: SEO, social networks, email newsletters etc. | |||
11 | Mobile application | Adapting the website for mobile use | |||
12 | Email marketing | Collecting subscribers and conducting mailing | |||
13 | The blog | Blogging with advanced features: uploading images, ‘likes’ and so on | |||
14 | Web forms | Feedback forms | |||
15 | Multicurrency support | Currency exchange rate updates from official sources | |||
16 | Customer reviews | Create groups of customers who shall be offered wholesale prices or discounts | |||
17 | Customer reviews | Comments about the product or service | |||
18 | Configuring the checkout page | Setting up payment systems, points for receiving orders, placing orders without authorization | |||
19 | Integration with popular delivery services | DHL, FedEx, UPS, СDEK | |||
20 | Loyalty programs | Accrual of bonus points | |||
21 | Payment methods | All popular online payment methods are integrated | |||
22 | SEO | The module allows you to fill in meta tags and prescribe readable URLs |
Revision and maintenance of the website using 1C-Bitrix
In addition to boxed solutions, additional components and third-party solutions may be purchased.
- Ready-made widgets for anything, from product lists for individual diamonds to catalogues of tens of thousands of types of fishing gear.
- Buy in one click – a callback from the manager after pressing the button.
- Additional filter – sales hits.
- Filter products with discounts.
- Pre-order – the buyer reserves the desired product.
- Wishlist – after viewing the product, the specialist will be able to make individual offers to the client.
N.b. not only the purchase but also the fine-tuning of components allows you to improve the work of the site.
1. Error correction
Error correction is the most frequent request for site improvement. We correct errors made by the previous programmers or those that were made during an independent configuration of the site.
Endless cashback
When developing a partner program for the trading service Alpari, a mistake was made. As a partner, you could create several accounts through one phone number. That's what one smart user did. Deductions were made for all partners up the chain – as a result, the ‘partner’ recursively received cashbacks, which were successfully withdrawn.
2. Improvement of functionality
Bitrix offers dozens of settings and even more third-party solutions, allowing you to design a website without programming skills. Often, there is a situation when the bundled functionality of the site is not enough and you need to code something from scratch.
Features are more important than quality
An order was received to finalize the well-known service for the exchange of electronic money – it was necessary to implement the exchange of Bitcoin for other currencies. We had warned the owner about the bad source code and possible vulnerabilities. We persistently urged him to fix them. But he decided not to waste time and connect new currencies. About a month later, money was stolen from all the service's wallets.
3. Development of a module for Bitrix
We are often asked to develop a module for Bitrix. For example, we have developed an online fitting room for a Bitrix-based site.
4. Website redesign
The world of web technologies is changing at an incredible speed. It's uncomfortable for a user to look at a ten-year-old website with a once trending design. Nowadays, there are new mobile devices and new screen resolutions, so it's better to update the design every three to four years. We will create a design template, test and update the design in one day.
5. Filling with content
Often, people do not have time for convenient administrative tools, so they turn to a site maintenance service for adding news, posting new photos etc.
I'll ask the boss to cook borscht for dinner
A couple of years ago, an error was detected on the Android OS. Instead of sending a text message to a friend or partner, the application sent it, for example, to a boss. As a result, the developers received a lot of funny complaints.
- People corresponded with their bosses instead of their wives.
- Social network statuses were changed due to incorrectly sent messages.
- People, receiving messages from unknown people, responded to them as friends.
6. Adaptation for mobile devices
Mobile use on the Internet has reached 55-65%. Despite this, there are still sites that do not have a mobile version. Since July 1, 2019, Google has introduced the Mobile-first indexing algorithm. The mobile version of the site is stored in the search index, and the relevance of the content in the output is determined by its quality.
7. Transferring a site to 1C-Bitrix
Up to 30% of companies continue to use self-written websites. This is expensive and not always justified. Sites that started with self-written or simple engines want to have a content management interface to:
- add and delete products;
- organize promotions;
- publish news.
A miser pays twice
The owner of an auto parts store ordered the development of an online store on the freelance exchange in order to avoid the high prices related to the use of a software company. However, a year later, he still asked us to finalize the site. Changing someone else's code costs about the same as developing it from scratch. The customer wanted to save money, but in the end, he overpaid.
8. Transferring the site from 1C-Bitrix
1C-Bitrix has a range of basic management capabilities, but still, the bundled version has a limited set of functionalities. Companies that start with a small online store grow into large corporations and think about their business solutions.
9. Integration with ‘1C: Enterprise’
1C-Bitrix provides a solution for integration with ‘1C: Enterprise’, which is configured in a couple of clicks. Unfortunately, the setting only works for typical 1C configurations. Some of the 1C configurations are atypical and part or all of the data may not be unloaded. In this case, improvements to the 1C modification will be necessary.
10. The site is working slowly
Stores that start with a dozen or a hundred products rarely experience performance problems. When the catalogue grows to hundreds of thousands of products, however, the site begins to slow down, the pages load slowly, and sometimes they do not open at all. After connecting the Sphinx search engine, which Bitrix supports out of the box, the site is able to work faster and with more stability.
If it's not broken – don't fix it
The owner of a trading adviser on Metatrader 4 contacted us with the problem of periodic memory leaks on the trading server. After correcting the obvious errors, the robot, which had previously traded successfully, began to lose money. The algorithms themselves were incorrect, but they miraculously made a profit, despite the errors.
11. Composite website
A composite site speeds up page loading by two to three times. The page content is divided into static and dynamic parts. The static part is stored in the cache, and the content is transmitted to the browser almost instantly. The dynamic part, for example, the shopping cart, is unique for each user and is loaded by a separate AJAX request after the main part of the page is displayed by the browser.
12. Transfer to a new hosting
The reason for the transfer may be due to the low quality of the current hosting, an increase in the load, changes in SEO optimization, or legal requirements.
Few people will be pleased by the frequent interruptions in the work of the site associated with the hosting provider's equipment. Therefore, we are asked not only for the transfer itself but also for the selection of a suitable hosting. The best hosting companies offer tariffs specifically for Bitrix.
As the number of visitors increases, the load on the hardware also increases, so it is not enough to increase the current tariff plan – a fully-fledged transfer to a dedicated server is necessary. For large projects under the ‘Enterprise’ license, the ‘Web Cluster’ module is provided, which allows one to host a site on several servers.
If an online store or a site has a regional affiliation, for example, it sells goods only in New York, then it is better to place the site in a data centre in the same city. The site pages of the target audience will load faster, and search engines will increase the relevance in the output for regional queries. Therefore, when the company starts working on SEO optimization, we suggest moving to the best hosting.
From 2018, personal data must be stored on servers located within the territory of European Union.
Until now, some online stores ignore this requirement and continue to use the services of foreign hosting providers. But over time, the move will be inevitable.
With the help of backups, you can easily transfer the site to a new hosting, and the virtual machine will automatically configure the environment.
Schrodinger backup: the state of the backup remains unknown until you try to restore it
There were problems with the database’s replica. After several unsuccessful attempts to correct the situation by changing the settings, the GitLab employee decided to delete the database and upload it again. When deleting the database, he made a mistake and deleted the master database, performed
rm -rfon db1.cluster.gitlab.com instead of db2.cluster.gitlab.com. At the same time, none of the five types of backup were able to be utilized and only an LVM snapshot was saved, which was taken accidentally six hours before the incident.
13. SEO optimization
To increase the number of visitors, the site should be optimized for search engines. We start with an SEO audit and compile the semantic core of the site. Bitrix contains so-called ‘Search Engine Optimization’ settings. However, adjusting these settings is rarely enough – site improvements are often required.
Out of budget
The owner of a furniture store applied for SEO promotion. The site was self-written, without an admin panel. I decided to first move the site to 1C-Bitrix. After the transfer, we focused on functionality. Then, the customer ran out of money, and we were not able to start SEO-related work. As a result, the site lost its position.
14. SEO audit
Before optimization, it is important to conduct an audit of the customer's site to find out how they are currently seen by search engines. Also, it's important to roughly estimate the amount of upcoming work in capital. To audit the site, the ‘SEO module’ and ‘Web Analytics’ are used.
15. Technical audit
A technical audit of the site should be carried out after the move to a new hosting, after a redesign or after changes to the structure of the site. The goal here is to identify errors, such as broken links, duplicate pages, lack of meta-information on the page, etc. Yandex.Webmaster and the Google Search Console are able to show problematic pages.
16. Usability audit
Usability directly affects the competitiveness of the site. The visitor wants to quickly understand the structure of the site, find a product or service, or perhaps they wish to instantly place an order. If the site is inconvenient to use, a potential client may select a competitor.
17. Marketing audit
If, after SEO optimization and when the desired number of visitors has been achieved, the number of orders remains the same, a marketing audit is needed. With its help, we can establish the relationship between site visitors and the target audience, in addition to the adequacy of the company's pricing policy. Based on the results of this analysis, we shall be able to write strategies for further work.
18. A/B testing
When changing the page design or adding new features, A/B testing is carried out to determine the attitude of users to the innovation. Users are divided into groups A and B: some see the old version of the page, while others see the new one. This is how the impact of changes on conversion and behaviour can be evaluated. When the update is implemented, it becomes available for everyone. Starting with the Small Business Edition, the A/B Testing module is included in the bundle.
19. Setting up goals
Setting up goals in Yandex.Metrica and Google Analytics helps to track the chain of user actions, from entering the site to placing an order. This allows one to visualize where users are encountering problems.
Neural networks are not gambling
When a certain neural network was learning to play unlimited Texas Hold'em, at a certain stage, it refused to place bets – it passed on the preflop, ignoring even the check-call. Apparently, it realized that it's better not to play at all – there will be more money left. Later, it finished the training and started winning.
20. Passing the Google PageSpeed Insights Test
Since July 2018, Google has been using site loading speed as a ranking factor for mobile searching. To achieve a high rating, we increase the loading speed of each page of the site: we optimize images, the HTML code of the site, styles, and JavaScript
21. Displaying the site in browsers
Using one browser, the customer does not see the problems of the site until he receives complaints from visitors. The site may be displayed differently in certain browsers due to invalid layouts, or because of the features of the browsers themselves. Today, there are more than 50 different browsers. Google Chrome, Safari, Opera, and Firefox are among the most popular ones. We display sites not just error-free, but also while achieving complete cross-browser ubiquity.
Friday evening – deployment time
A dialogue between the developer and the customer.
– I've done almost everything, but I haven't managed to update the test site yet. The settings were lost. On Monday morning I will sort it out.
– OK.
(after a few hours)
– You can view it on the test site, you just need to log out of your account, otherwise, there will be an error. I will deal with this problem on Monday.
– Maybe we should update the production site right away and see if there will be a problem there? If not, maybe we don't need to mess around with the test one?
22. Calculator
To increase conversion, improve behaviour, and sharpen the user experience, customers often turn to the creation of an online service calculator. The calculation for the cost of pizza, delivery, a mortgage calculator, a calculation for the amount of laminate required for a job – these are all typical examples of projects.
23. Placement of the map, driving directions
Yandex and Google maps can be configured from the admin panel. It is not necessary to post a screenshot of the maps. Maps are copyright-protected, so they cannot be shown in full or in part. A fine of up to 65,000 dollars can be expected for misuse.
Wall Street is 3 kilometres away by swimming
In 2012, funny bugs began to appear in Apple Maps. Some objects – the Washington Monument, hospitals, and supermarkets – appeared and disappeared, then changed their position on the streets. To take a train in New Zealand, you would have to get to the railway station by boat, since the station was located in the middle of the ocean.
24. Changing the site structure
Often, a harmless operation leads to a tragedy. An illiterate change in the structure of a site may lead to a lost search result position. Before making any changes, the current page positions, the presence of external links, and redirects from old pages should be analyzed.
25. Integration of online payment
The Bitrix solutions catalogue includes dozens of ready-made payment systems. If the desired solution is not on the list, then we write a new Internet acquiring module.
26. Integration of SMS notifications
Most SMS aggregators offer modules that can be installed without programming. Sending SMSes directly through the gateway of the mobile operator will require revision.
Wrong tab
HeidiSQL is a database manager that allows you to work in different tabs. By mistake, a request to the test database of an investment fund's website to delete all the table data was applied to the production version. Data had to be restored from binary logs using mysqlbinlog. Since then, tabs are marked with different colours.
27. Solutions for the visually impaired
Since January 1, 2016, the absence of a website version for the visually impaired is considered an administrative offence. This applies to medical organizations, educational institutions, and local self-government bodies.
28. Virus removal
Due to an untimely update, the site can be infected with viruses. Hidden advertising, spam mailings from the company's mailbox, and data theft. These are far from the most dangerous consequences.
Electric shock
Due to an error in the program, after changing their electricity supplier, a family from England received a bill of 500 million pounds.
29. Mail falls into spam
Sending emails works out of the box without additional settings. To be sure that emails will be delivered to customers, the following settings are required: SPF, DKIM, DMARC. In addition, the texts of letters should be carefully designed.