Use HTTPS only

Install a TLS certificate (formerly SSL) so every page can be served via HTTPS.

Visit: Magento Admin > System > Configuration > General > Web > Unsecure

Base URL	https://example.com/

Visit: Magento Admin > System > Configuration > General > Web > Secure

Base URL	https://example.com/
Use secure URLs in frontend	Yes
Use secure URLs in admin	Yes

References

• Nexcess: How to enable Let’s Encrypt
• Moving to HTTPS: Magento
• Inchoo: Enter HTTPS
• Shero Designs: Moving Your Magento Store From HTTP to HTTPS

Setup cron schedule

Scheduling cron on the server is required for Magento to send transactional email.

Cron will run every 5 minutes with this configuration:

Minute	*/5
Hour	*
Day	*
Month	*
Day of week	*
Script	/bin/sh /chroot/home/{account}/{domain}/html/{subdomain}/cron.sh &> /dev/null

Make sure the script path matches your site’s domain.

Setup database access

To prevent a MAMP issue with re-indexing change the <host> value to 127.0.0.1:

File: /app/etc/local.xml

<resources>
    <default_setup>
        <connection>
            <!-- <host><![CDATA[localhost]]></host> -->
            <host><![CDATA[127.0.0.1]]></host>

            <username><![CDATA[]]></username>
            <password><![CDATA[]]></password>
            <dbname><![CDATA[]]></dbname>
        </connection>
    </default_setup>
</resources>

Reference

• Stack Exchange — PDO Exception error on index

System > Permissions

Blocks

Enable the following blocks to ensure you can render {{block}} directives in CMS Pages.

• catalog/product_new
• cms/block
• core/template

System > Configuration

[todo]