WooCommerce is an ecommerce plugin for WordPress. You can download this plugin for free from the WordPress plugin repository, or you can install it with just a click or two from the convenient plugin installation tab within your site’s administrative back-end.
For this review I tested WooCommerce version 2.0.20 on a clean installation of WordPress 3.8 running in debug mode, with PHP errors set to E_ALL. On the front end I am running a stock installation of the “Twenty Twelve” theme.
The WooCommerce plugin is developed by the people who brought you WooThemes. There is no shame in having a profit motive, but it’s worth keeping in mind that this free e-commerce plugin is intended to work best with themes that cost money.
WooCommerce is by far the most popular plugin I have reviewed so far. It has been downloaded a staggering number of times, nearly 2.12 million and counting. It has an average user rating of 4.1 out of 5 stars. A large number of people love it, and a few people really hate it.
I do always check to see what the one-star reviewers are kvetching about, to see if they are simply untrained WordPress users or if they have legitimate cause for being disgruntled.
The first review I read complains that the plugin, out of the box, is not compatible with stock WordPress themes, and that the configuration required to make a theme compatible with the plugin is beyond the ability of a non-developer. Next there are a couple of reviews complaining about the paid support, I won’t be able to comment on that because I’m only reviewing the free version of the plugin. Somebody else states that the settings are not intuitive. The next reviewer required some support with PayPal integration, and got it by venting in the forums. And that’s a good enough overview of some of the potential pitfalls we might discover during this plugin review.
Let’s get started and go Woo!
This is no lightweight little plugin here. The .zip file for WooCommerce 2.0.20 is a hefty 4.7MB; and the folder takes up a massive 19.7MB of disk space when uncompressed and installed.
The plugin activation goes smoothly. There are no error messages or anything. I immediately see two new menu items in my wp-admin’s left sidebar: WooCommerce and Products. We’ll explore those presently. More pressing is this big purple notification at the top of the page. It wants me to “Install WooCommerce Pages.” I don’t know what that means, but what the heck, let’s try it.
I click the “Install WooCommerce Pages” button and see a screen that says, “Welcome to WooCommerce 2.0” with no explanation of what just happened. I assume the change occurred in the background, probably by creating dynamic pages for the shopping cart feature. We’ll find out soon. For now, let’s click that pretty purple “Settings” button.
WooCommerce Plugin Setup
This takes me to the “General Options” tab of the WooCommerce plugin dashboard.
Setup begins with some basic configuration options, like what country I’m in and whether users should have to create an account in order to check out. The first thing I want to know is, why isn’t the “Prevent customers from accessing WordPress admin” option checked by default? Why is that even an option? Is there any website owner who really wants their customers messing around in the administrative back-end of the website? I think not!
The default settings also assume I’m in Great Britain: currency is pounds sterling, weight in kilograms, dimensions in centimeters. Don’t these people know that America is the center of the known universe? (Just kidding. No, really.)
So I change the default settings to something more applicable to my situation.
The “Catalog” tab controls options for pages that list many items, and the data associated with those items. The “Pages” tab allows me to select the pages associated with certain order-processing functions. These must be the pages that were created when I clicked “Install WooCommerce Pages” above. A quick visit to the “Pages” link on my installation confirms that my installation has quietly gone from a site with a single page named “Sample Page” to a full-fledged shopping site with pages like Cart, Checkout, Order Received, Change Password, and View Order. All good, except, what the heck is a “Mijireh Secure Checkout”??
Naturally that’s the page I visit first. It still makes absolutely no sense. There’s an orange button labeled “Slurp This Page” and below it, a Fatal Error caused by an Uncaught Exception. The Exception is complaining that I haven’t entered an access key; but nobody has asked for one yet! This is odd, but life goes on. All I can say is, this Fatal Error does not make me want to Slurp anything.
For the purpose of this review, I’m going to quickly populate the remainder of the settings with example defaults that would apply to many small manufacturers and online e-commerce stores: for example, people selling jewelry, soap, or self-published books. I’m less concerned with digital downloads at the moment, although the plugin clearly supports them.
The “WooCommerce” link in the sidebar opens the “Orders” screen, which is of course empty. Back to the “Settings” screen, I go to the Tax tab. Oregon has no state sales tax, but if I sold something to a customer in Washington state, I would have to pay Washington state sales tax, so I’ll configure that here. Actually there’s not much configuration, it doesn’t ask me the percentage to charge, I just check the box and that’s it.
Shipping is perhaps a greater concern to many small ecommerce stores, because shipping costs can have a hefty impact on the profitability of a company selling low-price items. I’m concerned that “Free Shipping” is enabled by default, with no obvious way to disable it. This setting turns out to be located in the sub-menu at the top of the screen.
So I disable free shipping, but now I don’t seem to have any shipping options left. The plugin seems to want me to select Flat Rate, but what if I’m not a one-size-fits-all kind of business? Many customers would abandon their cart if asked to pay $12 for shipping on an item that only costs $8. More on this later.
Next is the all-important Payment Gateway tab. Out of the box, it does not support gateways like Authorize.net. But by default it enables Direct Bank Transfer or “BACS.” Let’s think about this for a moment. Am I in Brazil? Would YOU pay for anything with a direct bank transfer? As a merchant, if somebody wanted to make a payment via direct bank transfer, wouldn’t you immediately suspect them of attempting to commit wire fraud? Well maybe I’m overly suspicious. But I’m immediately disabling this option, even for my test installation. Also I usually wouldn’t want to accept payments by check for the same reason, but the plugin offers a convincing argument in favor of leaving this payment method enabled: it allows me to test the checkout system from start to finish without actually making a payment.
Next, I check “System Status.” I expect to see something like, “You have configured WooCommerce but you haven’t created any products yet.” Instead I see a review of my server resources, apparently for the purposes of troubleshooting by the plugin author’s support department. The plugin is complaining that I haven’t allocated enough system memory to PHP. That suggests to me that this plugin must be resource-intensive. The “System Status” also grumbles that I have not enabled the SOAP Client class. If I were on a live server, I’m sure this would be enabled by default.
That’s about it for the basic setup. Let’s see what changes the plugin has made to the system so far.
Behind the scenes
The most obvious change is that the plugin automatically created 12 new pages for my website when I clicked the “Install WooCommerce Pages” button.
But let’s dig deeper.
No filesystem changes
The plugin hasn’t made any obvious changes to the filesystem, outside its own plugin folder. That’s a good thing. In my earlier reviews, there were a few security plugins that did this, but there’s no good reason why an ecommerce plugin would save data or change files outside its own files.
Obviously the plugin is storing a lot of information in the database. A quick check with the MySQL console tells me that WooCommerce has created 7 new tables in the database.
Not only that, but perhaps more significantly, WooCommerce has added a whopping 101 new configuration records to the wp_options table!
Wow. With more than a hundred options stored in the database by this plugin, I won’t be able to review them all individually. But let’s briefly examine some of the database tables that the plugin created.
I’m sorry to report, the tax rates table is empty. I didn’t see a place to enter a rate, when I went through the setup earlier. So I don’t know how this plugin will calculate taxes. Similarly there’s not yet anything stored in wp_woocommerce_tax_rate_locations.
The tables relating to orders and downloadable products are understandably empty, since this is a fresh installation and I haven’t done a test order yet. The table wp_woocommerce_attribute_taxonomies seems to be one of those obscure data-relationship information schematics that professional software developers seem to think are always necessary just to print “Hello World.” Like the other tables, this one is still empty. Well, I haven’t created any products yet, so that’s no big surprise.
Now it’s time to see how this plugin really performs. In order to do that, I’ve got to create a product.
Create a product and set up shop
I go to the “Products” menu in the left sidebar, and click “Add Product.” Looking at the “Add New Product” page, I can see this is built on a custom post type, with a number of post_meta attributes available.
So I make up some placeholder data and save my new product. What I want to know first is, how will users ever find my new product?
I go to Appearance > Menus and add the “Shop” page to my header navigation menu. That should sort this out, I hope.
Next, I visit the site’s homepage. For this review, I’m running a stock installation of the ever-popular “Twenty Twelve” theme for WordPress. Across the top of the page is the “demo store” message that I authorized under “General Settings” in the first step. There in the header nav menu is my new “Shop” link. Let’s click it.
So far, so good. Here is my example widget, regular price $6,000 but on sale for 50¢. I should have added a product picture. Let’s do that now.
Question: what is the difference between the “Product Gallery” and the “Featured Image”? To find out, I use the same image in both places.
The difference appears to be that the “Product Gallery” image is resized to fit in a small square box. Since the image I uploaded is rectangular, there is a blank space at the bottom of the square box. The “Featured Image” is the usual WordPress featured image, and I can’t remember if this theme shows that by default.
Proceeding directly to the product page, I see that the “Featured Image” and the “Product Gallery” image are both displayed, one above the other.
There is also a fancy tabbed product information system, where the first tab displays the information I typed in about the product, and the second tab allows website visitors to type in their own reviews of the product.
There is no way to disable so-called “customer reviews”
As it happens, I think user reviews of products are about as reliable as spam comments on a blog post; and I only say that because I personally know someone who gets paid very well to pose as a legitimate customer and write product reviews on well-known websites.
Let’s see if there’s a setting that will discourage this kind of spam and drive-by anonymous libel.
No, there doesn’t seem to be. Under “Product Ratings,” the options are “Enable ratings on reviews,” “Ratings are required to leave a review,” and “Show ‘verified owner’ label for customer reviews.” The fact that a reviewer is not verified will not stop them from leaving a review. In fact there is no setting for disabling reviews. You can disable ratings; but you can’t disable reviews. This leaves your store wide-open to comment spammers and trolls. Not good!
This bothers me enough that I’m going to see if there’s any way around it. In my wp-admin, I go to Settings > Discussion and disable all comments. I go back to the product page, and I’m still able to add a fake review without any trouble. No moderation is required. As a store owner, this would make me very angry. Do the plugin authors truly believe that a system like this will not fill up with spam? Have they never tried to run a blog? Yowsers.
Well, there’s no immediately obvious way to prevent people from leaving reviews; but at least you can delete reviews from the “Comments” section of wp-admin. If some bot came in and posted ten thousand reviews within an hour, you’d be a busy beaver trying to get rid of them all, but at least it’s hypothetically possible.
So now I see that my earlier reviews were instantly approved because I was logged in. When I try to leave a review from a different browser, it says an administrator has to approve my review. Never mind that I have disabled comments in my discussion settings!
Placing an order
Well, let’s try to get through an order.
Next, I view my cart. The plugin works well so far. I don’t know about the purple, but I’m sure I could have customized that under general settings if I had been so inclined.
The next thing is to calculate the shipping. I tell the system that I am located in Seattle and bam, I get a glaring red X and an error message that there are no available shipping methods for my location in the United States.
Terrible, terrible. Let’s go back to the settings and see if we can track down what I did wrong.
Shipping is all messed up
Back at WooCommerce > Settings > Shipping > Local Delivery there is an option to charge either a fixed amount or else a percentage of the cart value when this option is enabled. This doesn’t seem like a flexible or accurate method of determining shipping costs. But we’re not looking for “local pickup”, or “international delivery”, or “free shipping.” The only other option available is to go back to the “Flat Rate” options.
Well, this is a bit complicated, but it appears to have more options than simply a single flat rate for any order regardless of size. I could do that, by setting the “Cost per order” field. But not all orders are the same. What I want is to be able to charge less shipping for small orders of small items, and to charge more for shipping large orders, and/or orders for large, heavy, bulky or oversized items.
This is not intuitive. I can set a “minimum handling fee” but I have to assign “shipping classes” somewhere in order to be able to assign a specific cost to a shipping class. Where do I even create the shipping classes?
I eventually found “Shipping Classes” as a submenu item under the Products menu.
So first I have to create a shipping class as appropriate. Then I can assign an upcharge to that class in the shipping options under the WooCommerce > Settings > Shipping > Flat Rate menu. Finally I can assign that shipping class to my item that I’m trying to sell. And when all that’s done, the upcharge should be factored into my sale price. Let’s find out.
This is still not working. I think I have everything set up, but I still can’t get the plugin to agree to ship to me in the remote land of the United States. In frustration, I change my shipping method’s “Availability” from “All allowed countries” to “Specific Countries” and then select “United States” from the dropdown menu. I go back to the checkout page, and I am greeted with the exact same error message I had seen before.
How can this be the most popular ecommerce plugin in the world? I can’t get a simple shopping cart to let me ship a single product.
I finally found the solution. If you’re charging shipping based on the “Flat Rate” method then you MUST assign a “shipping class” to EVERY item. An item without a shipping class will be un-shippable!
Alas, this isn’t working the way I wanted it to work. In the “Flat Rate” shipping options, I had set a price for shipping an item of a certain product class. I’d have assumed that shipping two items of this type, would apply the flat rate twice. But no. My cart currently has 10 items in it, and the flat rate shipping price has only been applied once.
My best guess here is that the plugin author wants me to purchase a paid upgrade in order to accurately calculate shipping. I don’t see any specific messages to this effect but I do see this little notification in the upper right-hand corner of the plugin administration screen.
The last step is to test the checkout process itself.
I enter my billing information and create an account with a very, very weak password.
The system does not complain about the very, very weak password. I’d say this is a significant flaw. There’s always a tradeoff between security and usability. Granted that this is the checkout page, and what we really want customers to do is complete the checkout. However, if the customer’s account gets hacked in two weeks, they’re going to be mad at us, not at themselves for using a stupid weak password. I think a better solution would be to say something like, “Success, your order was received BUT we could not create your account because you entered a stupid weak password. Would you like to try again with a stronger password?” Or, better still, the “create an account” form could feature one of those real-time password strength meters that lets people know when the password they have entered is strong enough that it wouldn’t get brute-forced by my cat.
Well, that about wraps it up. Now that I’ve placed an order, the system displays my order on the very stylish “Orders” page.
This type of feature is a great benefit to website owners because it allows them to track orders and even run reports (there’s a whole menu item dedicated to reports).
My final check is to see, now that I’ve created an account, what happens when I go to leave a review?
It treats me like a logged-in customer; not like a logged-in WordPress administrator, which is good. I’m allowed to submit the review, even though comments are disabled under my site’s “Discussion” settings, which is not good. However, my other “Discussion” settings do apply, and a moderator will have to approve my review before it will be displayed publicly.
The final test of any plugin is what it does when you switch it off. That’s especially critical in a plugin like this, that creates so many entries in the database. What happens to that data when the plugin is uninstalled? Let’s find out.
First, I deactivate the plugin. This leads to some strange behavior with the product reviews on the public-facing site. The sidebar still lists all the reviews – and pending orders! – as comments, but when I click the links, I get 404 “Not found” errors.
Next, I actually delete the plugin. Oh, the result is not graceful. The “Store” page in my navigation menu no longer links to any content, which throws up a PHP Notice-level error. That’s easily fixed, but these darn sidebar menu links are still there. Reviews on a product that has been deleted, and this strange “Order” record timestamped at nearly 4am. Now, I’m a night owl at times, but I don’t think I was up quite that late working on this project.
It already looks like I’ll have to manually delete some data in order to clean up this installation prior to my next review. So much for the public-facing side. What does the back-end look like after uninstallation?
The database. Bad news, folks. WooCommerce does NOT clean up after itself. Yes, the folder is gone, but the database tables are still there. Not only are the tables wp_woocommerce_order_itemmeta and wp_woocommerce_order_items still present in the database, but these tables still contain all the order data that was saved in them! This is great if you later decide to re-install the plugin; it is not so great if you’re trying to make changes to your system.
That’s a problem. On the other hand, I’m pleased to report that WooCommerce DID remove more than 100 option records from the wp_options table. The only WooCommerce related values remaining in wp_options are a few items relating to sessions, and a few transients related to attribute taxonomies and similarly obscure data types.
So this is not a complete cleanup, but it’s better than nothing. On the other hand, I’m concerned to note that there are so many session records in the options table. Given the controversy surrounding competing plugins, this could even be worthy of additional investigation. But not right now.
System folders. When you install WooCommerce on your website, it creates a new directory within your site’s “uploads” folder named “woocommerce_uploads.” When you uninstall the WooCommerce plugin, this directory and its contents are NOT deleted from your system. They remain on your server, even if you switch to a different ecommerce plugin.
Shipping. In terms of calculating the shipping costs, I have worked with much better e-commerce systems than WooCommerce. I’m frankly disappointed. There’s no option to get prices from a real shipping service like USPS or FedEx. The thing with the product shipping classes is emphatically NOT user-friendly for the store owner, and doesn’t work the way I wanted it to. A paid upgrade might resolve the problem, maybe, but I’m only reviewing the free version here.
Customer reviews. The way this plugin allows people to leave reviews even when all comments are disabled and the website owner does not want to allow reviews, is potentially extremely aggravating, and a magnet for spammers.
Errors. Oh, and the “Secure Shipping” page threw a Fatal Error – Uncaught Exception.
Weak passwords. My opinion is, if it allows customers to create accounts, then it should require customers to use strong passwords. I mean, it’s even got this big message when you activate it that it’s so secure.
Not a clean uninstall. The plugin cleans most, but not all, of the changes it made to the wp_options table. However it leaves two orders-related tables installed on the system database, complete with all order data. Also, it leaves behind the extra folders that it created in your uploads directory.
The final word on WooCommerce: It’s good, but it’s not perfect. Is it the best one, despite its flaws? We’ll find out.
Coming soon: I’ll review some more e-commerce plugins for WordPress.