6 Top E-Commerce Developers Share Recommendations on Tackling Magento 1 End of Life
By Andrew Humber |
With Magento 1’s end-of-life (EOL) less than 60 days away, the race is on for merchants still on M1 to find a way to stay there, re-platform to M2, or migrate to a new platform entirely.
Ecommerce merchants wanting to stay, either for cost reasons or because their migration projects have been delayed due to the COVID-19 situation, will not have access to new features, bug fixes, functionality updates from Magento/Adobe after June 2020. Most importantly, any future vulnerabilities potentially exposed will no longer be addressed with new security patches from the company.
In our previous blog, we shared insights from top ecommerce developers on merchants’ preparedness and concerns. In this edition, we asked for their recommendations, both near and long-term, for merchants dealing with the M1 EOL situation amid the additional uncertainty and disruption caused by COVID-19. Here’s what they had to say:
“Reaching Magento 1 end of life doesn’t mean your website is going to implode. Your risk of security breaches is higher, but if you don’t know where you’re taking your business next, you might be better off staying where you are for just a little longer. The last thing you want to do is sink a bunch of money into a new website that you’re just going to have to rebuild in a year or two. Set aside time to focus on your online strategy. Really think about what your ecommerce site might need to do for you in the next 5, 10, even 15 years. That growth plan will make your platform choices a lot easier so when you do make your move, it’s a big step in the right direction”
“If you need to stay on Magento 1 past July, you now have some very good options available. But you have to DO something – if you don’t you’re going to put your company in harm’s way when your payment processor does their next scan or worse yet – if you’re breached. A hosting company with a specific plan (like Webscale) will really make this a lot easier. According to a certified PCI assessor advising us, if you add extra security, extra scanning, extra monitoring and extra planning you’ll be ready with the appropriate compensating controls to make up for failing to satisfy PCI DSS 6.2”
We recently did a livestream with Best Worlds and RSI Security on the topic of PCI compliance around M1 EOL. You can read Joe’s excellent blog on it here and check out the livestream here.
“The looming end-of-life of Magento 1 requires making a decision now. If possible, reach out to a certified Magento professional partner like Crimson Agility today for an assessment of the cost and timeline for migrating your Magento 1 site to Magento 2. The advantages and opportunities of migrating to Magento 2 are significant and can stimulate long-term sales growth and improve the total cost of ownership for B2C and B2B merchants. For some migrating to Magento 2 at this time is not an option due to the price tag, time, or development partner’s availability. In this case, the most important thing you can do is ensure you are secure and have a “managed” security plan and strategy. To do this, I recommend engaging with a knowledgeable team of professionals who can help assess risk, develop a security strategy, and ensure that best practices are correctly employed. A managed security strategy addresses infrastructure, network, process, and software vulnerabilities and can thwart and deter malicious actors now and in the future.”
“The fate of many businesses will depend on their ability to execute in the ecommerce channel. Now is not the time to be operating on an unsupported eCommerce platform risking the ability to operate thus further injuring businesses already suffering as a result of the Coronavirus. In the long term, merchants currently on Magento 1 must migrate to Magento 2. In the short term, migration may not be realistic: M1 end-of-life is only a few weeks away, and capital – both human and financial – are limited. Short-term efforts should be focused on activities that are likely to drive value and security ultimately assisting in driving longer-term growth and stability to the organization.”
“Merchants who have already planned for the migration before June 2020 but because of the COVID-19 situation, if they want to stay on the M1 for a few more months, they should make sure that their server is secure enough and closely monitor if any vulnerability found in code by Magento community. A company like Webscale allows merchants to use M1 even after June 2020 – they will take care of securities and uptime. In the long-term, it is necessary to migrate from M1 for many reasons. Soon, it would be hard to find developers/agencies working on M1. There are lots of merchants still have their online store on the M1 and continuing to use M1 after June-2020 is risky and an invitation to vulnerabilities.”
“Couple of suggestions to merchants if cost is what is stopping you. Firstly, if e-commerce is just about having an online presence or if you are not going to make a lot of enhancements to the website for at least 1 year, then it does not make sense to migrate. It is better to stay on M1. However, we must ensure that there are no security challenges due to the outdated libraries. The security problem can be effectively solved by using a cloud platform like Webscale. WAF and virtual patching will ensure that the loopholes in your website are closed and prevented from being exploited. Secondly, for other merchants for whom e-commerce is a serious business, migration is inevitable. They really have to migrate out of Magento 1 to a stable and modern e-commerce platform. It could be Magento 2 or an alternative that suits your business.”
Thank you guys for the expert recommendations, and if you’re a Magento merchant currently wading through this decision, and would like to chat through the options, you know where to find us.
But if you have already made up your mind and plan to stay on M1, then take a minute to review Webscale M1 Support – the most complete security, support and monitoring solution for merchants needing more runway for their M1 storefront.
Andrew hails from the UK, but headed for the warmer Bay Area climate over a decade ago. When he’s not being Webscale’s VP of Marketing, he’s a husband, father, dog walker, wine taster, and hopeless home improver.