Category: Miva Shopify Integration by After Dark Grafx New Shopify Website Launched new Shopify Website Launched with this Holiday season version just in time for the holidays. Be sure to visit or for excellent deals on soaps and beauty products.

We are proud to have them as a part of the After Dark Grafx family. From developing their first Miva site over 10 years ago to their new redesign and Shopify Development, Mistral has placed it’s confidence in After Dark Grafx once again. Shopify Integration by After Dark Grafx

Since 1994, Mistral has crafted exceptional quality soaps and beauty products. Their exquisite fragrances and superior formulations celebrate the body while nourishing and soothing the skin. With the lush landscape of Provence as their laboratory, they invite you to experience the transformative power of Mistral.



“After Dark Grafx has been an integral part of our online growth. We know that we are in good hands and do not have to worry about our website. We enlisted James and his company over 10 years ago to create our first eCommerce website with Miva Merchant. We have grown and have now moved on to Shopify to better suite our needs in the marketplace. James and his team integrated and added and recommended the proper Shopify Apps that allow us to be successful today. We know that After Dark Grafx is just an email or phone call away, after all – They work After Dark, So you don’t have to!” – MISTRAL, LLC.

Ship Station Not Importing Orders to Miva

Ship Station Not Syncing with Miva after Two Factor Update

Some users may experience issues with their Ship Station account not syncing to Miva after the latest 9.12 update with Two-Factor Authentication.

If you run into this, there are articles on Ship Station’s Website (Orders Not Importing to Miva) but you will actually have to contact Miva Support to have them make an exception to the user that is connecting to Miva in order to bypass the Two Factor Authentication and/or email login from device. I attempted all other means before contacting support like:

a) Reinstalling Ship Station Module
b) Making the user an admin then reducing the user back to just basic auth user
c) Updated Miva Engine
d) Restarted Server, Apache, Etc.

Save yourself some time and just contact Miva Support.

Hope this helps someone else.

If you need help with this, you may also contact us and we can take care of this for you on as well at our hourly rates.

*Logos are trademarks of specified entities

Two Factor Authorization Miva How To

How to Add Two Factor Authentication to Miva for Admin: The Fastest and Easiest Solution

Get Ready for Miva Merchant upgrade to 9.12

With the new release of Miva 9.12 they will now require two factor authentication. This should be done before the release in the next few weeks.

Even though you have an email account for all admins that sends a verification code to login. You will now be prompted for an additional login method via Two Factor Authentication.

In order to enable two factor authorization on Miva, you will need to:

A) Login to Miva and Select the Admin User
B) Put a checkbox next to the Miva Admin Account
C) Select the TWO FACTOR AUTHENTICATION tab at the top of the accounts
D) Select one of the two factor methods below.


Two Factor authorization works like this. You login to your account with your username and password. You are then presented with another screen to enter a code, token or authorization method in order to access the account.


Explanation of Two Factor Options:
(Descriptions below taken from within the Miva Admin)


1) Time-Based One-Time Password (TOTP) 
((select this one to make it easier and the one we explain below)

A Time-Based One-Time Password (TOTP) is a temporary passcode generated by an algorithm. With the current time used as one of its factors in calculation, the algorithm can ensure that each generated passcode is unique. In order to use this form of two-factor authentication, you will need to download an application (usually on a mobile device, but also available on most desktop operating systems) that will generate a code and display it when you are signing in to your admin account. The process for signing in to the administrative interface is as follows:

  1. Sign in to the administrative interface with your normal username and password credentials
  2. When prompted, enter the One-Time Password generated via your TOTP application (e.g. Google Authenticator)


2) YubiCloud + Yubico OTP
(means you need a physical device plugged into your computer)

Yubico OTP uses pre-configured YubiKeys to authenticate via the YubiCloud Authentication service. This method of two-factor authentication requires the use of a YubiKey that supports YubiCloud Authentication during sign in. A few benefits of using YubiCloud include requiring a device (the YubiKey) to be present during login and unique, secure 128-bit AES encrypted one-time passwords with counters to identify and prevent replay attacks. The process for signing in to the administrative interface is as follows:

  1. Sign in to the administrative interface with your normal username and password credentials
  2. When prompted, insert your YubiKey into your computer’s USB port
  3. Press the button on your YubiKey

This is a stronger, more secure solution.


3) WebAuthn/U2F

WebAuthn is a W3C standard that will allow for multiple forms of single-sign-on and two-factor authentication. Miva’s implementation of WebAuthn used U2F Authentication, which is two-factor only, and will require the use of a FIDO/U2F certified device. Browser support for WebAuthn is currently very limited, and will require you to log in using only browsers that currently support the standard. The process for signing in to the administrative interface is as follows:

  1. Sign in to the administrative interface with your normal username and password credentials
  2. When prompted, provide your two-factor authentication credentials via the supported U2F device


Read the Full Miva Article Here on How To Set Up Two Factor Authentication on Miva Merchant



How to Add Two Factor Authentication to Miva for Admin Users: The Fastest and Easiest Solution

I am going to cover How To Add Google Authenticator to Google Chrome Browser to allow you to login via TOTP
Time-Based One-Time Password (TOTP)

A) Login to Miva and Select the Admin User
B) Put a checkbox next to the Miva account admin that you would like to add and select the two factor authentication tab at the top
C) Select Time-Based One-Time Password (TOTP)


In the Miva Documentation above for this setup it references the Google Authenticator but doesn’t explain how to use it. Here is one method below. You can search for apps that run on your phone or mobile devices as well.  You will need to run this extension each time you login to Miva.


OTP (Google Authenticator) Setup and Configuration

Time-based One Time Password or TOTP is the most popular method of Two-Factor Authentication. This involves using an app such as Google Authenticator (BELOW) to generate a unique 6 digit password each time you login.

Requirements: To use TOTP you’ll need an app such as Google Authenticator, Authy or a browser plugin to handle to TOTP flow.

Steps to setup in Miva

  1. Edit User and Select Manage Two-Factor Authentication
  2. Choose Time-Based One-Time Password from the Drop down

Two Factor Authorization Config

On the next screen, scan the QR code or enter in the text string below the QR code into your Google Authenticator (or similar) app (HOW TO BELOW). Once done, enter in the 6 digit code generated from the App into Miva and click enable.




1) Using Google Chrome, open a new tab or window and go to:

2) Download and Install the Extension

3) Click on the EXTENSION icon (should be in the top of your browser as a little G and it will send you to the extension website to enter your token)

4) Click on the PENCIL top right of the browser

5) Click on the ADD button – bottom left

6) Enter a user or website you want as the name to be referenced for the account access

7) Enter the token from the Miva Admin Page with the QR code that you copied above.

7) It will generate a code for you to enter into your Miva Admin below the QR CODE and token that is displayed. You could always use BACKUP TOKENS later to login but it is better habit to use the GAuthenticator Extension. Go back to the Miva Admin and enter this code below the token

8) Select Enable

9) You will now see a list of BACKUP CODES, download them and store them in safe place.  I would print them and delete them from the computer to be safe.


 You are now setup with two-factor authentication!

Now you have to do this for each of the admins on your site.

Sign In Instructions

  1. Sign in to the administrative interface with your normal username and password credentials
  2. When prompted, enter the One-Time Password generated via your TOTP application (e.g. Google Authenticator)
    You will need to select the Chrome Extension GAuthenticator and click on the new code that it creates and enter that for the two factor code to work.


If you are unsure of how to do this or it sounds too technical, please contact us . We offer this service via a screen share to help set this up on your browser at our hourly rate. 

Yes, you will need to use Google Chrome to login to your admin and to use the extension mentioned above each time you login.


Using a backup code

To use a backup code, click the “Use Backup Token” link below the Two-Factor screen during the login process. Here you can enter in your one time use code:

backup codes

Each backup token is one time use so once it has been used it can never be used again.

Note: There is no way to bulk generate backup codes. If you need more than the initial 10, you would need to disable Two-Factor for that user and then re-enable it which would generate you a new set of 10 codes.

Miva Developer San Diego

Prevent Hackers from Accessing your Miva Admin

The first time a new Miva admin logs in to a Miva account from a new browser, a 6-digit verification code will be sent to the email address on file. This added layer of security will alert you via email if someone is attempting to login to Miva using your credentials.

Browser verification is a new security feature available in Miva 9.10. It adds an additional layer of protection to prevent someone logging into your Miva administrative interface with stolen login credentials. Across the industry, online fraud and credit card theft continues to rise. Attacks to steal login credentials include phishing, malware and malicious activity. Browser verification add an important layer of protection preventing someone who is not you from using your credentials to log in to your Miva admin.

Each time you login to the Miva admin via a new device or browser you’ll be required to enter in a verification code which is emailed to the email associated with your user.

Once entered, a cookie will be set on that browser which by default last 1 year. You’ll be required to do this process for each browser you use to login to Miva with (Chrome, FireFox, etc). For example if you used your home computer to login into Miva to check orders, the very first time you login you’ll need to verify your browser by entering in the authentication code which is emailed to you.

This process also has the benefit of notifying you if someone is trying to use your login credentials as you’re receive an email notifying of their IP address. If this login attempt was not made by you, you’ll then want to change you admin password as someone other then you is attempting to use your credentials to login to the Miva admin.

Miva Two Factor

Editor Note:
Although this may initially seem as an inconvenience, the internet as a whole would be better served if all apps and websites embraced this process to maintain security and peace of mind.




Miva Developer San Diego

Reusing The What’s Popular Carousel Miva ReadyTheme

So for anyone having this issue… (and assuming that you have already have copied over the template from the best sellers)

a) locate the folder in your mm5 or miva public folder called js (this where my scripts are installed)
b) find the file called scripts.js (make a backup of course)
c) edit that file with a text editor. and do a find for this string

// —- Product Carousel —- //
cornerstoneUX.sharedFunctions.productsCarousels(‘# js-whats-popular-carousel’);
it will look like this…

jsSFNT: function () {
// —- Product Carousel —- //
cornerstoneUX.sharedFunctions.productsCarousels(‘# js-whats-popular-carousel’);


I have FEATURED PRODUCTS and NEW ARRIVALS product sliders on my homepage.

so I added this and change the ID # to your ID in your product listing file in the them (see below)

jsSFNT: function () {
// —- Product Carousel —- //


d) Save the file and upload it back to the server /mm5/js/scripts.js

e) Next Login to Miva Admin
f) Click on the MENU top left
h) Then select the ARROW to the right of UTILITIES
i) Your theme comes up –> select PRODUCT LISTINGS
j) 4th line of code down look for this

<div id=”js-whats-popular-carousel” class=”column whole float-none whats-popular-carousel”>

and change it to

<div id=”js-featured-carousel” class=”column whole float-none featured-carousel“>

notice by bolded entries above are the same referenced names as the code placed in the scripts.js file above. If not the same this won’t work. the ID=”js-features-carousel” is the most important. The second one featured-carousel is for specific css styling.

k) Save the setting – then refresh your homepage and your sliders should work.

Just though it would be nice to put a how to! Of course you could just hire us 🙂

Search Engine Optimization San Diego

Make Miva Homepage on iiS Windows Server for web.config

Simply add this to web.config file:

<rule name=”rule 1v” stopProcessing=”true”>
<match url=”^/*$” />
<action type=”Rewrite” url=”//mm5/merchant.mvc” />

Adding this code to the web.config file if I now go to it will load the miva homepage without redirecting.