Magento 1 Support Ends June 30, 2020 And Security Is A Problem

Magento 1 support ends on June 30, 2020

Adobe will officially stop supporting Magento 1 installation after Tuesday, June 30, 2020. When Adobe purchased Magento, Magento had already transitioned development from Magento 1 to Magento 2, mostly fixing bugs, security holes, and adding very few features to Magento 1.

After Adobe purchased Magento, it quickly expanded the development of Magento 2. Unfortunately, for many small businesses that started their online stores on Magento 1, the path to Magento 2 open source or cloud-based Magento Commerce is difficult, and with Adobe’s hosted offering, not cheap either.

This kept many Magento 1 merchants from upgrading to Magento 2 or even considering other solutions. As long as the store worked, why change?

Magento 1 Security And Upgrades

But security is a big issue. With Adobe ending the support of the Magento 1 platform, it will increase the likelihood of hackers trying to find flaws in the platform as it is no longer being updated with security patches.

In an April advisory from Visa, the financial services company highlighted the following potential security issues for merchants staying with Magento 1:

  • Extensions or plug-ins functionality may break or become unavailable.
  • Over time, Magento developers will only be familiar with Magento 2.
  • Merchants will fall out of compliance with PCI DSS.
  • Ecommerce sites will be more exposed to security risks and increased likelihood of an account data compromise due to the lack of security upgrades.

Especially, PCI DSS compliance is essential for those online merchants that do not offload the secure order and payment processing to another platform, independent of the merchant’s website.

But even merchants that do not store sensitive customer data, such as credit card and other payment information, could be exposed to security breaches, cyber-attacks, and other malicious attempts to disrupt their online operations.

A recent FBI warning about a popular Magento 1 import extension should give Magento 1 users pause. This warning highlights the problem VISA warns about regarding extensions that have seen no meaningful development and could turn into a security nightmare for merchants.

Additionally, online commerce is evolving, and while third-party extensions can help expand the functionality of Magento 1, developers are shifting resources to developing on modern platforms that offer a richer buying experience. How much time and energy are these developers going to commit to keep an old extension secure?

Magento 1 installations will not stop working on July 1. Still, the longer online merchants operate stores using the platform, the larger the risk becomes they could be hacked and that doesn’t benefit shop owners and buyers.

Short Term Magento 1 Support Options

Not all is lost today when it comes to Magento 1’s end-of-life support on June 30. For those online merchants that have either fallen behind in transitioning to another platform or just didn’t realize the potential risk involved in continuing to operate the Magento 1 platform, there are a couple of interim options.

  1. Webhosting platform Nexcess announced a support life-line for Magento 1 installation hosted on their service. The hosting company will continue to provide security updates to the core Magento 1 installation for its customers. It also offers to transition existing installations to their hosting service.
  2. OpenMage is an option to keep Magento 1 store operating without having to switch hosting services. According to the OpenMage website, “OpenMage LTS allows Magento 1.x EOL merchants to continue running a secure, stable Magento-based platform while remaining PCI compliant.”

The main caveat with third-party Magento 1 EOL (End Of Life) support offers is that they are focusing on security, not feature updates. It’s all about staying secure and PCI compliant, not expanding capabilities of the platform.

For the short term, this may be sufficient for some merchants. But for the long-term, as ecommerce grows, online stores and brands will need to evolve to offer buying experiences that today’s online shopper expects. Also, none of the independent Magento 1 EOL support options address security issues with extensions that may no longer be supported by the original developer.

The bottom line is that for Magento 1 store owners, the day of reckoning is here. It’s possible to buy a little extra time, but the prudent decision is to move forward and embrace a new online platform. Magento 1 stores will continue to work past June 30, but sticking with a dying platform is not a good business strategy.

Connect With Us And Other Small Business Owners

Please head over to our Facebook Group for Small Business Sellers and interact with other small business owners.

Follow us on FacebookTwitter, and LinkedIn to stay up to date with relevant news and business insights for your online business.

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on email