Magento 1 end-of-life: why you must act now

Most people are aware that support for Magento 1 will end in June 2020. Magento 2 was launched five years ago and Adobe (Magento’s owner) now wishes to concentrate its efforts on this improved version. While this makes perfect sense, the consequences for online retailers are huge. Switching from Magento 1 to Magento 2 doesn’t just involve a simple upgrade. It requires them to build a completely new shop. While this offers opportunities, it also involves a major investment of time and money. This explains why several online retailers have been putting off the move, even though Adobe will stop offering support for Magento 1 imminently. What risks are you taking by postponing the decision about your shop’s future?

What does end-of-life mean?

Software is continually being improved, which is why new versions of Magento are so frequently released. The new version may contain product improvements, bug fixes and/or security updates. Users are always advised to upgrade to the latest version. Software suppliers such as Magento may support multiple versions simultaneously, but at some point they’ll stop providing support for a specific version. This version has then reached its end-of-life (EOL). The supplier will no longer solve problems,  including security issues, for an EOL software version. Your only option is to upgrade.

Once Magento 1 hits EOL in June 2020, Adobe will no longer provide support, including security issues for this software. There have not been any Magento 1 upgrades for a while now, which means that soon there will be no more critical security updates either. This is risky, as software requires continuous maintenance to prevent vulnerabilities – or resolve them as fast as possible.

What are the risks for your Magento 1 shop if you don’t take any action?

Your shop may be hacked

Using outdated software means your shop is at risk of getting hacked. Don’t think this will never happen to you. Even if your shop is tiny, your products aren’t ‘sexy’ and you only generate a very low turnover, you are still an interesting target. Remember: hackers don’t care about the shop itself, they’re only interested in how they can use it. This includes sending spam, blackmailing, selling your customer data or creating a shadow site. Hackers are also lazy. They use automated scripts to find the shops that are easiest to hack.

Say your shop does get hacked. You’ll have to pay fines because of reporting obligations, your reputation is damaged, you’ll need to take your shop offline immediately, and what’s more, cleaning it will require a significant investment.

You’re obliged to ensure your shop’s security by keeping software up to date. After Magento 1’s EOL (June 2020), there will no longer be any Magento security updates. The community may or may not temporarily assume this duty. Ask yourself whether you want to depend on this, however. Chances are that you won’t be able to keep your shop ‘healthy’ much longer.

No further development of your shop possible

In addition to the risk of getting hacked, you’ll find it increasingly difficult to further develop your shop. Extension creators will solely focus on Magento 2. After all, why waste energy on an EOL product? Increasingly, Magento developers are choosing to abandon Magento 1 altogether in favour of the creation and maintenance of Magento 2 shops. It may make finding a suitable development agency for your shop increasingly difficult in the future.

How great is the risk?

Nobody knows. Some people think it will all be okay, while others believe that hackers will descend on vulnerable Magento shops like a pack of wolves in June 2020. There already are plenty of Magento shops out there that aren’t secure because of outdated software. And no, not all of these shops are getting hacked, but that’s merely a matter of luck.

As to your shop’s development: for the time being, there are plenty of development agencies that are happy to offer technical support for your Magento 1 shop, even after June 2020. What these agencies don’t know, however, is how long they’ll be able to continue to do so properly. This greatly depends on the willingness of the Magento community to continue supporting Magento 1. At this time we have no idea what this means in practice.

Community initiatives Such as Mage One and OpenMage

The nice thing about open source software is that anyone can adapt or share it. While Adobe is stopping its Magento 1 support, other parties are free to take over. It’s worth noting, however, that this only applies to Magento Open Source (formerly the Community version), not to Magento Commerce (formerly Enterprise). Parties such as Mage One and OpenMage are talking about taking over (a specific aspect of) Magento 1 support, but unfortunately we have very little information about this at the moment.

You can wait and see, but you take a risk by choosing to wait. Because:

  • You’re relying on volunteers for support for your shop. This may affect the software’s quality and the speed at which bug fixes and patches are released.
  • And even if proper support is provided for Magento 1, can the same be said of your extensions? Magento 1 extensions are just as much in need of proper maintenance, and not every extension builder will provide this. As a result, internet criminals can use insecure extensions to access your shop.

Will Hypernode continue to host Magento 1 shops?

The answer is yes, for now. We can do this because the architecture of the Hypernode platform allows us to host unsafe shops without impacting our other customers. Each shop is located on its own isolated node. Even if a shop is hacked, the hackers cannot access other shops on our platform.

We also partner with extensions like OneStepCheckout who are committed to continue and support Magento 1 as long as their customers need it. They work hand in hand with Mage-One to ensure that not only your checkout converts well, but also stays secure.

We don’t know how long we will be able to keep hosting Magento 1 shops, however. We have our own challenges to face. A large portion of our hosting platform consists of software, and this software is continuously updated. At some point, outdated Magento 1 software will no longer be compatible with our hosting platform’s software. If we are forced to stop hosting Magento 1 shops, we will inform our customers as soon as possible. Don’t worry, we won’t leave you in the lurch.

Our advice

Don’t wait until we stop providing Magento 1 hosting services. If you haven’t yet explored the available options and alternatives, then start today. There’s nothing worse than making major decisions based on inadequate information at short notice. Our partners are happy to help you make a decision. Many of our customers have switched to Magento 2 or Shopware, for instance. Don’t hesitate to contact us to discuss your situation. We’ll gladly help you figure out which partner(s) is/are the best fit.