Yotpo Technical Overview

This article provides an overview of the Yotpo's information architecture, application security policy, and system backup policy and procedures. 

Information Architecture

Yotpo's microservices architecture does the majority of the heavy lifting for Yotpo’s core architecture where every service is responsible for a dedicated component and has its own dedicated database.

Yotpo Admin

Yotpo users manage their implementation via the Yotpo Admin - the main user-interface through which UGC content is collected, moderated, managed, and customized. 

Yotpo On-site Presence

Yotpo's offering includes a wide range of on-site widgets which are implemented on merchant storefronts. Yotpo’s widgets populate user-generated content collected via Yotpo's multi-channel review collection methods. All of the above-mentioned projects utilize Yotpo's API services which also serve Yotpo customers and enable them to extend core functionalities towards generic and/or customized integrations and deployments.

Technologies

Real-time Capabilities

Yotpo serves several billion requests every month throughout the entire platform. To cope with such loads, Yotpo heavily invests in caching and static serving infrastructures.

We employ a strong cache layer implemented above Redis at the API level. Additionally, Yotpo utilizes CDNs solutions such as Akamai, Edgecast and Cloudfront to serve both static, and dynamic content.

Infrastructure

Yotpo's information architecture and infrastructure was designed and built for scalability from day one. The key scalable components of the system being the on-site storefront widgets and the Yotpo API. 

Those parts of the system should have the ability to serve billions of monthly requests while simultaneously maintaining an fast response time and high SLA. To do this, Yotpo makes use of Akamai and Edgecast dynamic CDN solutions which offer the following benefits:

• Removing stress and bottlenecks from the Yotpo API. 
• Improve delivery performance in terms of response time across different geographical regions.

Network Architecture

Yotpo web servers and databases are hosted on Amazon Web Services (AWS) where all our AWS servers and databases are located within Amazon Virtual Private Cloud (VPC). 

AWS VPC uses security groups as a firewall to control traffic at the instance level, while it also uses network ACL (Access Control Lists) as a firewall to control traffic at the subnet level.

Yotpo servers are distributed across a wide range of AWS availability zones to ensure a high level of fault tolerance and stability. In each of the availability zones, Yotpo maintains a NAT instance within public subnets to allow internet access from servers located within private subnets.

Elastic Load Balancing

Yotpo uses application load balancers to allow distribution of the data across all instances.

To do this, the Yotpo API utilizes two load balancers: 

1. Internal load balancer to distribute requests from within all Yotpo web servers. 
2. External load balancer to distribute direct API requests.

The load balancers send the requests to dedicated Nginx servers which redirects requests to their relevant back-end services.

Relational Database Service (RDS)

Yotpo uses Amazon Web Services (AWS) Relational Database Service (RDS) for some of its main databases. These databases are deployed in a Multi-Availability Zone configuration - meaning that there is a primary database instance which synchronously replicates data to a standby database instance in a different availability zone. In case of an infrastructure failure, a failover to the standby instance is performed. 

Caching

Yotpo utilizes Redis key-value database for caching of responses in order to reduce the response time of API and widget requests. To do this, Yotpo utilizes two main levels of caching: 

Content Delivery Network (CDN)

Yotpo load balances between Akamai and EdgeCast as our content delivery networks to deliver static on-site assets and widget content to our customers’ websites with minimal latency.

Redis

Yotpo utilizes Redis key-value database for caching of responses in order to reduce the response time of API and widget requests.

Auto-Scaling

All of Yotpo’s servers have auto-scaling configurations. Using this configuration, certain system metrics such as CPU usage and traffic throughput automatically add new instances to safeguard against any potential degradations in system performance.

Additional Databases

Yotpo uses MongoDB, Cassandra DB, and ElasticSearch as part of its system. These databases are hosted within Yotpo’s Amazon EC2 servers in a cluster mode. The clusters have backups and auto-scaling abilities to prevent data loss and maintain the highest degree of availability. 

System Security

Authentication

Yotpo offers two authentication methods - API Authentication and Email & Password Authentication.

API Authentication

Each and every Yotpo account possesses two unique keys: 

Using the App Key and Secret Key, Yotpo users can generate their uToken (API Token) which is required to perform most actions via the Yotpo API. 

• The API Token provides access to a specific account. 
• The API Token expires 30 days after its creation unless it re-authenticated.

Email & Password Authentication

Each Yotpo user must provide an account email address and create a password to be identified within the Yotpo system. Yotpo employs strong password requirements where each password must consist of the following:

• At least 8 characters
• At least 1 uppercase letter
• At least 1 lowercase letter
• At least one numeric digit 

Upon creation, login credentials are encrypted and stored within Yotpo’s database to ensure the highest degree of PII security.

Users are required to provide their account email address and password in order to log in to the Yotpo Admin at yap.yotpo.com and each session remains active for XXXXX hours before a timeout and session expiry occurs.

Once logged in to the Yotpo system, end-users may access all accounts (eCommerce stores) associated with their user instance, with the appropriate account privileges as designated by the Yotpo account administrator. 

Roles & Permissions

In order to perform different actions in the Yotpo back office  require the appropriate roles and permissions must be set. 

Yotpo addresses three different user personas:

Every non-public action in the Yotpo System requires the account user to have the required set of permissions. For example, an account user without Insights Only permissions will not be able to access Yotpo Insights. Learn more about Roles & Permissions

Communication & Data in Transit

Yotpo supports communication over SSL protocol to ensure encrypted communication over the internet. This connection uses TLS 1.2 with 128-bit encryption.

HTTPS requests can include:

• All activities performed through the Yotpo Admin
• API requests
• All widget requests performed on secure pages

Yotpo protects against CSRF attacks by means of CSRF tokens included in all forms and AJAX requests.

Data Backups

Yotpo follows a strict policy to ensure that customer data is highly secured and backed up to protect against data loss and unauthorized access. This policy includes regularly scheduled data backups as well as diversification and distribution of data across various services. 

Yotpo’s data resides within three primary repositories:

RDS

RDS is a Relational Database Service provided by AWS. Yotpo uses AWS RDS as a MySQL and Postgres servers. Yotpo uses these databases to save its business logic data: account data, user data, reviews, etc.

EC2

MongoDB, CassandraDB, and Elasticsearch clusters. Yotpo uses these databases to store logic data and business data like orders, links, etc. along with some analytics data. 

Source Code

Yotpo has multiple projects written in various languages and frameworks. Yotpo’s code is a crucial part of its system, containing proprietary and complex algorithms.

Backup Policy & Procedures

RDS

• The MySQL Database is backed up every 3 hours and saved for 35 days. Over time, these backups are purged resulting in backup availability of 3 hours for the two most recent days of this cycle, and a once-daily backup for the remaining 33 days. 
• Backups are hosted on AWS S3 and distributed across different services to improve data survivability. 

EC2

Daily snapshots - All cluster data is backed up on a daily basis. These backups are maintained in AWS S3 and daily snapshots are saved for a total of 30 days each. 

Source Code

All code projects are saved in GIT source control.

Disaster Recovery Plans

Yotpo's disaster recovery plan (DRP) protects against two main types of potential system disasters - Infrastructure Disasters and Data Disasters.

Infrastructure Disasters

Potential infrastructure disasters can include the following:

• Regional AWS outage
• AWS zone outage
• Application outage 
• Application infrastructure outage 

Expand each section below to learn more about each potential infrastructure DRP.

Data Disasters

Data disaster type can include Human Error or Data Corruption scenarios.