It was wonderful while it lasted. Until about last July.
For 3-4 years I've been recommending Zenfolio to all and sundry and really enjoyed my experience with them. Since around last July though that trust and enjoyment has evapourated. I saw a rep at the UK's Photography Show last March and expressed concern. This year, as far as I'm aware, TheImageFile will have a stand at the show and they've recently won a prestigious award.
Returning to Zenfolio, I don't know if you'll "Reach out to me" - what a godawful expression you use - the shopping "experience" is terrible. The https thingy seems to have been ignored. This email situation is not resolved. The 7% commission on self fulfilled products when I already pay a decent subscription is rape.
I've looked at loads of other providers like Wix, Webflow, Smugmug and Shootproof (who I've used in the last few months) and various others.
TheImageFile will have my business as from next week and my subscription in March with Zenfolio will not be renewed.
I have brought this up a couple of years ago already. But nothing seems to have changed. Did anybody notice the lack of HTTPS over the entire backend of Zenfolio (that is the Zenfolio Interface of the Edit/Customize View)?
Nobody thinks this is maybe a serious neglect?
There is a reason why even the most notorious sites (Google, Facebook etc) have meanwhile fully integrated and defaulted to HTTPS as the standard for browsing and using their services.
Imagine: you login to your Zenfolio account through a public Wifi network. Most of these networks will be unencrypted. ( And I bet most of the Zenfolio users, let alone their customers, do not [want to] know a thing about this. ) Your login and Zenfolio traffic can be easily captured by anybody in the same network – because Zenfolio still hasn´t got HTTPS in place. This is not a fairytale – but it is an actual threat to your account and your data (source images).
In combination with the lack of a strong two-way-authentication on the Zenfolio system, the slack approach of Zenfolio to securing Zenfolio accounts asks for trouble: the likelihood of a hijacked account increases, because of the lack of these basic security features. It is your source images we are talking about here.
Or: A client logs in to a gallery and does so via a public network. Same problem: the login page is not secured. The login is fairly easy to capture.
What we see instead is a wild patchwork of pages of the Zenfolio backend interface that work through HTTPS, like initially calling up your Edit view this way:
The interesting thing here is: The Zenfolio backend actually has been working through HTTPS for years now. Technically, there seems to be no reason not to fix all those hard-coded links to unsecured HTTP pages and functions that populate the interface of the backend.