Blog

By Christian Fillion E-Commerce Strategist & Founder, Marketing Media

We often tell clients that they can keep their older PrestaShop 1.6 or 1.7 stores, but only if they move to a “Hardened Hosting Environment.”

The natural question is: “How is that different from the $20/month hosting I have now?”

To understand the difference, imagine a car.

• Standard Hosting is like parking your car on a public street. It’s cheap, accessible, but if someone smashes the window, you’re on your own.
• Hardened Hosting is like a private, climate-controlled, armored garage with a 24/7 security guard.

For a modern website, the street is fine. But for a “Legacy” store (PrestaShop 1.6/1.7) that runs on older software, the public street is a death sentence.

Here is the technical breakdown of what a “Hardened” environment actually does, and why it is the only safe way to run a vintage store.

1. The “Time Machine” (Hardened PHP)

This is the #1 reason you need this.

The Problem: PrestaShop 1.6 requires PHP 5.6 or 7.1 to run. The creators of PHP stopped supporting those versions years ago. They are “End of Life.” If a hacker finds a hole in PHP 7.1 today, nobody is going to fix it. This is why standard hosts (like GoDaddy) force you to upgrade to PHP 8.0 (which breaks your store)—they can’t afford the risk of running old, insecure software.

The “Hardened” Solution: We use a specialized operating system (like CloudLinux) that provides HardenedPHP. Our team (and the OS vendor) manually writes security patches for these old versions. We basically “backport” modern security fixes into the old PHP 5.6 engine.

• The Result: You can run your 10-year-old code on a server that is secure by 2025 standards.

2. The “Prison Cell” (CageFS / Isolation)

The Problem: On standard shared hosting, you are sharing the server with 500 other strangers. If one of them installs a bad WordPress plugin and gets hacked, the malware can often “jump” across the file system and infect your store. This is called “cross-contamination.”

The “Hardened” Solution: We use a technology called CageFS. It builds a virtual, impenetrable wall around your account. You cannot see any other users, and they cannot see you.

• The Result: If the website next door gets nuked by a Russian botnet, your store doesn’t even blink. You are completely isolated.

3. The “Immune System” (Imunify360 & KernelCare)

The Problem: Standard Linux servers need to be rebooted to apply security updates. This means downtime. Because downtime is bad for business, many hosts delay updates for weeks, leaving the server vulnerable.

The “Hardened” Solution: We use KernelCare, which allows us to patch the brain of the server (the Kernel) while it is running. No reboots. No downtime. We also run Imunify360, an AI-driven firewall that analyzes traffic patterns. It doesn’t just look for known viruses; it looks for behavior. If a visitor starts acting like a bot (scanning folders, guessing passwords), the server blocks their IP automatically before they even touch your website.

+1

4. The WAF (Web Application Firewall)

The Problem: Your PrestaShop 1.6 code has known security holes that will never be fixed by PrestaShop.

The “Hardened” Solution: We place a WAF in front of your application. It acts like a bouncer. If a hacker tries to send a malicious command to your search bar (SQL Injection), the WAF intercepts the request and deletes it.

• The Result: Your code might have holes, but the WAF ensures nobody can get close enough to exploit them.

Why Would You Use It?

You use Hardened Hosting if:

1. You are running Legacy Software: You want to stay on PrestaShop 1.6 or 1.7 without being hacked.
2. You value Uptime: You can’t afford “maintenance reboots” or “neighbor infections.”
3. You need PCI Compliance: Credit card processors require you to run secure software. Standard hosting on PHP 5.6 fails compliance scans. Hardened hosting passes them.

Stop parking your Ferrari on the street.

If your business generates real revenue, it deserves professional-grade protection.

Download our [5-Point Profitability Audit] to verify if your current host is exposing you to risk, or schedule a hosting review below.

? [Schedule Your Strategy Call with Christian Fillion]

By Christian Fillion E-Commerce Strategist & Founder, Marketing Media

There is a moment of panic every online shopper knows: they hit “Place Order,” their credit card is charged, and then… silence. No confirmation email. No receipt. Nothing.

For the customer, this feels like a scam. For the store owner, it’s usually just a missing DNS record.

When your PrestaShop transactional emails (order confirmations, password resets) land in the Spam folder, you aren’t just annoying customers; you are actively generating support tickets and credit card chargebacks. Deliverability is not a “nice-to-have”—it is a critical infrastructure requirement.

The SEO Impact: Domain Reputation

You might treat your website and your email as separate entities, but Google does not.

• Sender Reputation: Google (Gmail) monitors how users interact with your emails. If your order confirmations are consistently flagged as spam or deleted without opening, it hurts your domain’s overall reputation.
• The “Unsafe” Flag: In extreme cases, poor email authentication can lead browsers (like Chrome) to flag your actual website as “Not Secure” or “Deceptive” if the domain is associated with spoofing. This destroys your organic ranking instantly.

The AEO Angle: The Smart Inbox

Answer Engine Optimization (AEO) isn’t just about search results; it’s about digital assistants. Modern inboxes (Gmail, Apple Mail) are now AI-driven. They parse your emails to generate “Smart Cards” at the top of the app—showing tracking numbers, flight times, or order summaries.

• The Missing Answer: If your email fails authentication (DKIM/SPF), it goes to the Junk folder. This means when a user asks Siri or Google Assistant, “What is the status of my order?”, the AI cannot find the answer.
• Structured Data in Email: To win at AEO, your emails need to land in the Primary Inbox and contain valid Schema markup. But if you can’t even get past the spam filter, the markup is useless.

PrestaShop Diagnosis: PHP Mail() vs. SMTP

The root cause for most PrestaShop stores is using the default PHP mail() function. This method sends email directly from the web server, often appearing as “unverified” or “spoofed” to receiving mail servers.

To fix this, we must authenticate your identity:

1. Switch to SMTP: We move your store off the default PHP mailer and configure it to use a dedicated SMTP provider (like SendGrid, Amazon SES, or a dedicated mail server). This ensures emails come from a trusted source, not a generic web script.
2. The Holy Trinity of DNS: We must access your domain’s DNS settings to configure three specific records:
   • SPF (Sender Policy Framework): A list of IP addresses authorized to send email on your behalf.
   • DKIM (DomainKeys Identified Mail): A digital signature that proves the email wasn’t tampered with in transit.
   • DMARC: A rule that tells receiving servers what to do if an email fails the first two checks (e.g., “Reject it”).

If your emails are hitting the spam folder, your business is whispering when it should be speaking clearly. Let’s authenticate your domain and restore customer confidence.

[Schedule Your Strategy Call with Christian Fillion]

By Christian Fillion E-Commerce Strategist & Founder, Marketing Media

One of the most dangerous assumptions a growing merchant can make is that all web hosting is created equal. While PrestaShop is technically compatible with almost any provider that supports PHP and MySQL, “functional” is not the same as “performant.” For a retailer scaling past the initial launch phase, generic shared hosting is often the single biggest bottleneck to revenue.

When your store experiences a traffic surge from a successful ad campaign or a holiday sale, a standard hosting environment will throttle your resources, leading to slow page loads, timed-out checkouts, and a direct drop in your Google Search rankings.

The Technical Reality: E-Commerce Demands More

Unlike a standard blog or a corporate website, an e-commerce platform like PrestaShop is “database-heavy.” Every time a user clicks a filter, views a product, or adds an item to their cart, the server must perform multiple complex SQL queries in real-time.

• The TTFB (Time to First Byte) Trap: Generic hosts often cram hundreds of websites onto a single server. This creates “noisy neighbor” syndrome, where another site’s traffic spike slows down your store’s response time. A high TTFB is a silent killer of conversion rates.
• Resource Exhaustion: High-volume catalogs with thousands of combinations require significant PHP Memory Limits (at least 256MB or 512MB) and high Max Input Vars. Cheap hosting plans often lock these settings, causing the PrestaShop back office to crash when saving large products.
• Lack of Specialized Caching: To achieve sub-second load times, PrestaShop needs advanced server-side caching like Redis or Varnish. Most “any-provider” hosts do not offer these tools, or they charge a massive premium for them.

The Marketing Media Standard: Performance-First Hosting

At Marketing Media, we don’t settle for “compatible.” We advocate for hosting environments that are engineered specifically for the PrestaShop engine.

1. Dedicated Resource Allocation: We recommend VPS (Virtual Private Servers) or Managed Cloud Hosting (like AWS or Google Cloud) where your CPU and RAM are reserved exclusively for your store. This ensures consistent performance regardless of global traffic patterns.
2. Optimized PHP-FPM & MariaDB: We configure the server environment to prioritize the specific query types PrestaShop uses. By fine-tuning the database engine, we can reduce page load times by up to 40% without changing a single line of your store’s code.
3. Proactive Security & Backups: Growth retailers cannot afford downtime. Professional hosting includes web application firewalls (WAF) and real-time malware scanning, along with automated daily backups that can be restored in minutes if a module installation fails.

Strategic Diagnosis: Is Your Hosting Stunting Your Growth?

• The “Slow Motion” Admin: Does it feel like your PrestaShop back office is “lagging” when you update stock or manage orders? This is a clear sign of underpowered hosting.
• The Checkout Spin: Does the loading icon spin for more than 2 seconds after a customer clicks “Proceed to Payment”? Every second of delay here increases your cart abandonment rate.
• The 504 Gateway Timeout: Have you ever seen this error during a high-traffic event? If so, your server’s “Max Execution Time” is too low for your traffic volume.

You wouldn’t run a high-performance race car on low-grade fuel. Don’t limit your PrestaShop store’s potential by hosting it on a generic server. Performance is a feature, and it starts with your infrastructure.

[Schedule Your Strategy Call with Christian Fillion]

By Christian Fillion E-Commerce Strategist & Founder, Marketing Media

If your PrestaShop store is a “side hustle,” you can host it anywhere. But if your store is your “Bread and Butter”—if it pays your mortgage, your payroll, and your vendors—then treating it like a hobby is a dangerous game.

The most common question we get from growing merchants is: “Do I really need a Dedicated Server? It costs 4x more than my VPS.”

The answer is simple: Do you want neighbors?

Most hosting (Shared, Cloud, and even most VPS) is like living in an apartment complex. You have your own room, but you share the plumbing, the electricity, and the front door with hundreds of other people. A Dedicated Server is a detached house on its own land. You share nothing.

Here is why your primary income source eventually must move into its own house.

1. The “Noisy Neighbor” Effect (Resource Contention)

On a Virtual Private Server (VPS), the hosting company slices one giant computer into 20 small pieces. You get one piece.

The Risk: Software limits can only do so much. If the other 19 “tenants” on that physical machine suddenly get hit with a DDoS attack, or run a massive Black Friday sale, the physical hard drive (Disk I/O) and the physical network card get clogged.

• The Symptom: Your dashboard says you have “Free RAM,” but your site is slow. Why? Because the physical cable connecting the server to the internet is choked by your neighbors.
• The Dedicated Advantage: You own the cable. You own the hard drive. If your site is slow, it’s because of you, not someone else. You have total control.

2. The “Raw Horsepower” (Database Performance)

PrestaShop is a database-heavy application. Every time a customer filters by “Size: Medium,” the server has to do math.

The Risk: VPS environments add a layer of software (Virtualization) between your code and the hardware. This layer adds a tiny delay (latency) to every single database query. When you have 10,000 visitors, those tiny delays add up to seconds of lag.

• The Dedicated Advantage: Bare Metal. There is no virtualization layer. Your database talks directly to the CPU. For large catalogs (50k+ products), this can make your search and filters 2x to 3x faster instantly.

3. The “Custom Architecture” Freedom

When you rent a VPS, you are stuck with the landlord’s rules. You often can’t tweak the “Kernel” (the core of the OS) or install custom firewall hardware.

The Risk: As you scale, you might need advanced caching (Varnish), specific database tuning (MySQL 8 custom config), or specialized search tools (Elasticsearch). On a shared environment, you hit a “Configuration Ceiling.”

• The Dedicated Advantage: You have the keys to the castle. We can tune the server specifically for your unique catalog. We can swap the engine, change the tires, and install nitro. There are no rules except the ones we set.

The Verdict: Is It Worth The Cost?

A decent VPS costs $50/month. A decent Dedicated Server costs $200-$300/month.

Is it worth the extra $2,000 a year?

Ask yourself this: If your site goes down for 4 hours on Cyber Monday because a “neighbor” on your server got attacked, how much money will you lose?

If the answer is more than $2,000, then the Dedicated Server pays for itself in a single afternoon.

Your “Bread and Butter” deserves a vault, not a locker.

If your revenue supports your life, support your revenue with dedicated hardware.

Download our [5-Point Profitability Audit] to see if you have outgrown your current hosting, or schedule an Infrastructure Review below.

? [Schedule Your Strategy Call with Christian Fillion]

By Christian Fillion E-Commerce Strategist & Founder, Marketing Media

We get this question constantly: “I already have Cloudflare Free. Why should I pay $20/month for the Pro plan?”

It is a fair question. The Free plan is generous. It gives you a CDN (speed) and basic DDoS protection. For a blog or a portfolio site, it is perfect.

But you are not running a blog. You are running a PrestaShop store. You process credit cards. You hold customer data. You are a target.

Here is the brutal truth: Cloudflare Free is a fence. Cloudflare Pro is a security guard.

When you are protecting revenue, the Free plan leaves three massive holes in your defense. Here is why the $20/month upgrade is the best insurance policy you will ever buy.

1. The “Carding” Nightmare (WAF)

The #1 threat to PrestaShop stores right now is Carding Bots. Hackers use automated scripts to test thousands of stolen credit card numbers on your checkout page.

• The Cost: Your payment gateway (Stripe/PayPal) will charge you $15–$25 for every single failed transaction dispute. We have seen clients wake up to $5,000 in fees from a single night of card testing.

The “Free” Problem: The Free plan’s firewall is basic. It blocks known viruses, but it often misses “smart” bots that mimic human behavior to test cards.

The “Pro” Solution (WAF): The Pro plan unlocks the Web Application Firewall (WAF). It gives you access to the “Cloudflare Managed Ruleset.” These are advanced rules that specifically look for e-commerce attacks.

+2

• We can set a rule: “If a user fails checkout 3 times in 1 minute, block them immediately.”
• This feature alone saves you thousands in chargeback fees.

2. The Speed “Polish” (Image Optimization)

PrestaShop has a lot of images. Product thumbnails, banners, sliders. Optimizing them by hand is a pain.

The “Free” Problem: Cloudflare Free just “passes through” your images. If you upload a heavy 2MB photo, it serves a heavy 2MB photo to your customer.

The “Pro” Solution (Polish & Mirage): The Pro plan includes Polish.

• It automatically compresses every image on your site by 30-50% without losing quality.
• It converts them to WebP (the next-gen format Google loves) automatically.
• Mirage: It detects if a customer is on a slow mobile connection and loads a low-res placeholder instantly, so they can scroll while the high-res image loads in the background.

3. The “PCI” Compliance Checkbox

If you accept credit cards, you must be PCI Compliant.

The “Free” Problem: The Free plan uses older security protocols that some strict PCI scanners might flag as a “Warning.”

The “Pro” Solution: The Pro plan is fully PCI DSS compliant. It allows us to enforce Modern TLS Only mode and gives you the firewall logs you need to prove to Visa/Mastercard that your perimeter is secure.

The Verdict: Is It Worth It?

Let’s look at the math. Cloudflare Pro costs $20/month ($240/year).

• If it stops ONE carding attack, it pays for itself for 10 years.
• If the image optimization makes your site 1 second faster and gains you ONE extra order a month, it pays for itself.

You cannot afford to be “Free.”

For an e-commerce business, the Free plan is a liability. The Pro plan is an asset. Upgrade your guard.

Download our [5-Point Profitability Audit] to check your firewall rules, or schedule a Security Review below.

? [Schedule Your Strategy Call with Christian Fillion]

By Christian Fillion E-Commerce Strategist & Founder, Marketing Media

We see it constantly. An ambitious entrepreneur invests $10,000 in inventory, $5,000 in design, and thousands in ads.

Then, they put the entire operation on a $20/month shared hosting plan.

It is the equivalent of opening a high-end jewelry store inside a crowded, noisy subway station because the rent was cheap.

The question isn’t “Can I host PrestaShop for $20?” The answer is yes. The real question is: “Can I build a profitable business on $20 hosting?” The answer is No.

Here is the technical and financial reality of what you are actually buying when you choose a budget host.

1. The “Overselling” Business Model

How does a hosting company make a profit charging $20? Volume.

They take a single server and cram 2,000 websites onto it. This is called “Overselling.” They bank on the fact that most of those sites will be low-traffic blogs.

But PrestaShop is not a blog. It is a heavy, resource-intensive database application.

The “Bad Neighbor” Effect: On a $20 plan, you are fighting for resources with 1,999 other strangers.

• If Neighbor A gets hit by a bot attack, the server’s CPU spikes to 100%, and your website slows down.
• If Neighbor B sends 50,000 spam emails, the server’s IP address gets blacklisted, and your order confirmations go to your customers’ Junk folders.

You are letting strangers dictate your store’s performance.

2. The Hidden Limits (IOPS & Inodes)

Cheap hosts promise “Unlimited Storage” and “Unlimited Bandwidth.” This is marketing fluff. The real limits are hidden deep in the Terms of Service.

• IOPS (Input/Output Operations Per Second): PrestaShop needs to read and write thousands of files (cache, images, logs) instantly. Cheap hosts cap your IOPS speed. When you hit that cap (like during a sale), your site doesn’t crash—it just “queues.” Your customers stare at a loading screen for 10 seconds.
• Inodes (File Counts): PrestaShop generates thousands of small cache files. Cheap hosts often have a limit of 150,000 files (Inodes). Once you hit that limit, you cannot upload a new product image, and your customers cannot create a PDF invoice. The system locks up.

3. Support that Doesn’t Speak “PrestaShop”

When your site crashes on Black Friday, you call support. On a $20 plan, you get a Tier 1 agent reading a script. They know WordPress. They do not know PrestaShop.

They will tell you: “It’s a coding issue, contact your developer.” They won’t help you debug a slow SQL query. They won’t tweak your PHP-FPM settings. You are on your own.

The Financial Cost of “Saving Money”

Let’s look at the ROI.

You save $100/month by choosing cheap hosting. That is $1,200/year in savings.

• If your site loads 2 seconds slower due to overcrowding, your conversion rate drops by 20%. If you make $10,000/month, you just lost $2,000/month.
• If your site goes down for 2 hours during a sale because you hit an “IOPS Limit,” you could lose $500 to $5,000 instantly.

You are stepping over dollars to pick up pennies.

The Verdict

If you are a student running a hobby project, use the $20 hosting. It’s fine.

But if you are a Business Owner relying on your store to pay your mortgage, payroll, and vendors, you need Infrastructure, not just web space.

You need guaranteed CPU. You need isolated resources. You need support that understands PrestaShop architecture.

Your hosting bill should be an investment in stability, not a race to the bottom.

Download our [5-Point Profitability Audit] to check if your host is throttling your growth, or schedule a Strategy Call below.

? [Schedule Your Strategy Call with Christian Fillion]

By Christian Fillion E-Commerce Strategist & Founder, Marketing Media

When you buy web hosting, the provider almost always offers a sweetener: “Unlimited Free Email Accounts!”

It sounds like a great deal. You can have info@mystore.com and support@mystore.com without paying extra for Google Workspace or Microsoft 365. You set it up in cPanel, and it works.

Until it doesn’t.

Hosting your professional email on the same server as your high-traffic e-commerce website is one of the most common architectural mistakes we see. It creates a Single Point of Failure that can paralyze your entire operation in seconds.

Here is why we never allow our clients to host email and websites on the same server.

1. The “Bad Neighbor” Effect (IP Reputation)

When you host email on your web server, your emails are sent from the same IP address as your website.

The Scenario: Your website gets infected with malware (or a “neighbor” on your shared server does). That malware starts sending out spam. The Consequence: Global spam filters (SpamHaus, Barracuda) blacklist your server’s IP address to stop the spam. The Fallout: Because your legitimate email uses that same IP, your emails stop getting delivered. You cannot email your customers, your suppliers, or your staff. Your communication dies because your website got sick.

2. The Resource War

Web servers (Apache/Nginx) are optimized to serve web pages fast. They are not optimized to store 50GB of archived emails.

The Scenario: It’s Black Friday. Traffic is spiking on your website. Your server’s CPU is running at 90% capacity handling orders. At that exact moment, your Customer Support manager tries to search through 10,000 old emails to find a refund request. The Consequence: The massive email query eats up the remaining 10% of the CPU. The server creates a bottleneck. The Fallout: Your checkout page slows down or crashes. Your internal operations just sabotaged your revenue stream.

3. The “Total Blackout” Risk

This is the most terrifying scenario for a business owner.

The Scenario: Your website crashes. Maybe it’s a bad module update, maybe it’s a DDoS attack. The server goes offline. The Consequence: You rush to email your developer to fix it. But you can’t. Because the server is down, your email is down too. You try to email your customers to apologize. You can’t. The Fallout: You are blind, deaf, and mute. You are completely cut off from the world until the server reboots.

The Strategic Solution: Decoupling

In the enterprise world, we follow a simple rule: Diversify Your Infrastructure.

We split your business into three distinct silos:

1. The Storefront (Web Hosting): A server dedicated only to serving PrestaShop. It does nothing else.
2. The Communication (Mailboxes): We move your name@mystore.com accounts to Google Workspace or Microsoft 365.
   • Benefit: If your website explodes, your email still works. You can still coordinate with your team.
   • Benefit: Google and Microsoft have 99.9% uptime and world-class spam filtering.
3. The Transactional (SMTP): As discussed in a previous post, the automated emails your website sends (Order Confirmations) go through SendGrid or Amazon SES.

Free is Expensive

The “free” email included with your hosting plan is not a perk; it is a liability. It ties your communication lifeline to your web server’s stability.

Don’t put all your eggs in one fragile basket.

Pay the $6/month for professional email hosting. It is the cheapest insurance policy you will ever buy.

Download our [5-Point Profitability Audit] to review your infrastructure redundancy, or schedule a Strategy Call below.

? [Schedule Your Strategy Call with Christian Fillion]