Traffic Management for Flash Sales

Looking for a way to quickly generate ecommerce revenue? Consider a flash sale! During a flash sale (also called a high volume or hype sale), a large amount of traffic is driven to a storefront for a limited number of products. Like with a brick-and-mortar event of this type, traffic management is a key consideration when planning a flash sale. Although flash sales can put an unprecedented load on your site, pushing the boundaries of scalability and availability, your site can handle the traffic with the right preparation. When you hold a flash sale on Salesforce B2C Commerce, consider these best practices

When you start planning for a flash sale, it’s always a good idea to engage the Salesforce Commerce Cloud team. Our systems are designed and built for high scale and availability. Ensuring our teams know about your upcoming spike in traffic and orders can create a smoother experience for you and your shoppers. We can guide you through the best practices and help you with factors unique to your situation. In addition to the guidelines and considerations provided here, it’s vital that you notify Commerce Cloud Support in advance of your upcoming flash events. Open a case in the Support Portal and provide the details listed in the following article: How to Prepare for a Sale Event.

To ensure that critical resources are available when shoppers visit your storefront during a flash sale, disable or reschedule non-critical jobs until after the sale concludes. This includes code and data replications, order export jobs, catalog and inventory imports, and index rebuilding.

To ensure that the cache has adequate time to warm up before your flash sale starts, don’t clear or invalidate the page cache close to the start of your sale. Likewise, schedule replication activities at least four hours prior to the start of the flash sale.

Use the built-in eCDN functionality and consider increasing the threat level or even enabling Under Attack mode during a flash sale. Under Attack mode presents a CAPTCHA to every unique user before they're allowed to see the storefront. For more information, see Configure the Embedded CDN.

When planning for spikes related to flash sales, it’s easy to overlook third-party integrations across your site, in particular in the checkout flow. These integrations might not be designed for high scalability like B2C Commerce. Consider leveraging our services integration framework for defining third-party integrations. When performance degrades for these integrations, our services framework is designed for non-disruptive failover and rate limiting. The B2C Commerce platform provides a framework that wraps requests to third-party services (frequently made as part of a checkout flow) to provide monitoring and guardrails for them.

Third-party service calls can have a significant performance impact on your entire site when the third-party service stops responding or responds slowly. With the services framework provided by Commerce Cloud, you can adjust the response timeout settings and locking settings for individual services, or you can disable a service altogether. A single slow-responding service, when not properly safeguarded, has the ability to severely impact the usability of your storefront for all shoppers. In the worst case scenario, a slow-responding service can render your site unusable. Set timeouts for all third-party service requests, based on the typical responsiveness of the service. Generally, B2C Commerce guidelines suggest two seconds or less for non-checkout services, and five to 10 seconds or less for checkout services. For more information, see Web Services. We also recommended that you contact all third-party service providers ahead of your flash sale, so they can make preparations. To prevent overloading database resources if a third-party integration stops working, avoid placing web services in business logic that opens a database transaction.

When product IDs are available prior to a flash sale, shoppers can make preparations to bypass normal page and checkout flows, resulting in an unfair advantage. This behavior affects the scalability of the flash sale, because requests to add a product to a cart and checkout are resource-intensive operations on the platform. During a flash sale, these operations occur at a much greater ratio than usual. In addition, not providing product IDs makes the creation of automated bots and scripts more challenging.

Set up the ability to rate limit requests made to the storefront and adjust the rate limit configuration in real time. Often a bot or script can make a large number of requests in a short amount of time (much greater than that of human shoppers). When properly configured, throttling or rate limiting incoming requests impacts only the bot or script requests and not your actual shoppers. Many CDNs have the capability to rate limit incoming requests based on a number of configuration parameters, and a Web Application Firewall (WAF) can do real-time analysis of incoming requests based on a predefined set of rules.

To help ensure human shoppers are buying products during your flash sale, plan ahead for bot mitigation. Flash sales that offer deeply discounted or strictly limited stock tend to attract malicious users, who try to amass a large inventory of the discounted products to resell later for a profit. The deeper the discount and the more limited the inventory, the higher the risk of bot traffic overwhelming your site. Consider the following strategies to reduce bots from getting large amounts of inventory.

  1. Wait until the last minute to announce the sale. Bots take time to write and must be customized to your checkout process. You can segment the sale to a separate portion of your site and send out the sale announcement via social media only.

  2. Change a portion of the checkout flow during the flash sale. For example, add an interstitial page that requires the shopper to click something, or enable CAPTCHA. CAPTCHA is extremely useful in mitigating bot traffic. Placing the CAPTCHA implementation before the add-to-cart operation provides the added benefit of controlling the flow of requests to the add-to-cart pages.

  3. Require an account to make a purchase. This option works only if you implement custom code rate limits. For example, consider placing limits on how many orders can be placed per second, per account, or how many credit cards are allowed per account.

  4. Consider deploying a bot mitigation service, especially if you’re selling collectibles or other desired products. Services that we offer in our LINK Partnership include PerimeterX and DataDome. Bot management solutions offer advanced detection features to identify human users without negatively impacting the shopper experience and advanced mitigation options, like honeypots for huge downloads that increase the cost to the bot owner.

  5. Require preregistration that includes payment authorization to ensure real interest in your flash sale

    • For payment processing:
      • Integrate your site with a payment or fraud detection provider.
      • Create a specific risk profile with more strict rules for purchasing. For example, place an order limit for each shipping address, IP address, or email. Such a profile also can block known fraudulent users based on ZIP code, email, and so on.
      • Activate the risk profile only for the duration of the sale to avoid impacting regular business.
    • During presale processes, monitor site behaviors as soon as sale products are announced. You can potentially discover endpoints that bots exploit, or patterns that they might use on the day of your hype sale.

Consider presenting a lightweight version of the product details page (PDP) prior to the product being available, such as a PDP without an Add to Cart button or link. This approach supports the caching of key page elements prior to the product being available for purchase, which improves page performance during the sale. Plan ahead for the proper segmentation of cacheable elements (using remote includes) and allow enough time for caching (in general, 24 hours or more for most PDP elements).

As a best practice for flash sales, avoid reserving the inventory when shoppers add products to the cart. Reserving products when they are in the cart tends to result in a higher number of abandoned carts and aborted checkouts compared to reserving the product inventory when the order is submitted.

Moving the inventory calculation logic to the very end of the checkout process helps to ensure high order throughput and low contention by selling on a first-come-first-serve basis. However, if your business requirements support inventory reservation in the cart, consider the following tips:

  • Make the reservation time as short as possible to avoid aborted sessions from blocking the checkout for other shoppers. Longer reservation times increase the chance of artificially prolonged or abandoned events.
  • Consider using a different checkout flow just for flash sale products. Allowing carts with a mix of flash sale and regular products adds overhead, because all items in the cart are reserved. In this case, the size of the cart directly impacts the possible throughput for the high-demand sale products.

Just like with brick-and-mortar flash events when a large amount of foot traffic is expected at a physical location, using a raffle system can help manage the traffic that’s allowed into a virtual storefront. A raffle or reservation system generates flash around your promotion but reduces traffic to the specific products that are available in limited quantities. Only certain shoppers, like raffle winners or those with reservations, are granted access to purchase those products.

To help ensure your backend systems aren’t overwhelmed by demand for popular products in limited stock, you can create a virtual waiting room. Waiting rooms limit the number of shoppers allowed to purchase products at a given time. When the maximum number of shoppers is reached on designated pages, new shoppers receive a waiting page that doesn’t access backend systems. When paired with presale load testing and traffic forecasting, waiting rooms help control the storefront load while maintaining a positive shopper experience.

Implement the waiting room for more than just your home page. When you include all the pages that a shopper visits to purchase flash sale products, you help prevent shoppers from bypassing the waiting room. To control storefront traffic, you also can apply waiting rooms in front of the storefront.

In addition, you can configure the number of shoppers allowed in a waiting room at a given time. This number can even be dynamic based on the percentage of shoppers on your site. Visitor Prioritization Cloudlet from Akamai offers such a solution. For example, you can specify that only 1% of shoppers are allowed into the waiting room. If you have 100,000 shoppers on your site, only 1,000 are allowed into the waiting room.

By implementing these traffic management best practices, you can host a flash sale knowing that your site can scale to handle the additional traffic. And remember: When you start planning for a flash sale, engage the Salesforce Commerce Cloud team. We’re here to help!