The Ultimate Guide to Magento Hosting
Adobe acquired Magento in May 2018. Apart from Magento Open Source (earlier known as Magento 2 Community) and Magento Commerce (Magento 2 Enterprise) editions, Adobe also provides a fully hosted edition of Magento, called Adobe Commerce. Merchants can host their storefronts on Magento Open Source and Magento Commerce editions on a variety of cloud delivery platforms available or even on their own dedicated servers.
Introduction to the Magento Platform
Magento is undoubtedly one of the most popular enterprise-class ecommerce platforms available in the market. With its comprehensive suite of tools enabling merchants to deliver online storefronts with a customizable and professional look and feel, it empowers over 164,392 online retailers.
One of the best aspects of the Magento platform is its ability to cater to small hobby stores, mid-market, and enterprise-scale customers alike.
Why Merchants Select Magento for Ecommerce
Magento has a flexible template architecture, which means that you can customize pretty much everything. With full control over the code, merchants can develop functionality based on their individual needs. The result? Online storefronts that are only limited by your imagination.
Magento is a platform that has been built to scale. In other words, whether you’re selling a handful of products, or if your catalog extends to millions of different items, Magento grows with your business.
Even Magento Open Source, a free edition of the platform, boasts features that are not commonly available in other ecommerce platforms. For instance, it allows you to manage multiple storefronts and locations, accepts global currencies, supports multiple languages, and is mobile and SEO-friendly.
Consistently improving SEO is critical to ecommerce success. Magento offers a host of SEO-friendly features, such as search-friendly URLs, sitemaps, meta tags, descriptions, and includes analytics to track visitors.
It’s a mobile-first world, and sites must be optimized to deliver great user experiences, on any device. Magento allows store owners to develop mobile sites with ease, ensuring seamless shopping environments, and helping to reduce bounce rates and drive sales.
Magento Open Source
Magento Open Source is an entirely free ecommerce platform that can be used to develop and customize an online store. Given that it requires literally zero initial investment and meets all the requirements of a small store, it works really well for a lot of small and mid-sized business owners. Easy to configure Magento extensions are also available to add more functionality where needed.
Magento Commerce is a premium paid edition of Magento, designed for stores that need more advanced functionality and customizations, making it a solution for medium to large-scale business owners. Thisedition comes with features such as return management authorization, advanced segmentation with targeted offerings, call center software integration with assisted shopping, price and promotion permission, enhanced catalog and content management system (CMS), staged merging and rollback of content, sophisticated attribute-based customer segmentation and targeting, and customer behavior-triggered automated email reminders/notifications.
Magento Commerce subscribers benefit from full support via phone and email with installation, configuration, usage, security updates, exclusive product enhancements, and troubleshooting. Magento Commerce, however, can be cost-prohibitive in a lot of cases.
Magento 1 vs Magento 2
Moving from Magento 1 (M1) to Magento 2 (M2) is not a simple upgrade; it’s an entire replatforming exercise. Magento 2 is an entirely new platform with significant framework differences and a very dissimilar hosting backend. An M2 site needs to be built from the ground up, requiring extensive resource and time commitments.
Magento 1 was sunset (end-of-life) in June 2020, after which time merchants with online stores deployed on M1 lost all access to new features, functionality updates, bug fixes, and support from Adobe/Magento. New vulnerabilities are no longer addressed with new security patches from the company.
In 2020 and 2021, Magento Commerce (M2 Enterprise) had a much lower market share than Magento Open Source (M2 Community), and Magento 1 (M1) was still ahead of Magento 2 (M2) in market share. However, as of 2022, M2 is now leading in the Top 100K sites, Top 1M sites and the entire world wide web, M1 continues to lead in the Top 10K.
Magento 2 has better adoption in ecommerce categories like Fashion & Lifestyle, Home & Garden, Computers, Electronics & Technology, and Sports. Magento 1 is leading in Arts & Entertainment, Games, Travel & Tourism, Adult, and News & Media.
Merchants that want to re-platform should take the time they need to plan well and get it done with the right partner. Check out replatforming best practices here. However, if you need more time to plan your next step, here’s some good news: Webscale continues to support thousands of M1 storefronts on any cloud. All our cloud delivery plans support M1 storefronts and secure them against exploits. We have released 55+ patches till date to support Magento 1 stores.
What is Magento Hosting?
Given its powerful features and functionalities, Magento works best with a solid hosting infrastructure that can deliver a great user experience: 100% availability, unlimited scalability, 360-degree security, and consistently fast performance.
Magento Hosting Requirements
To host Magento effectively, your server needs to meet the following technical specifications (also acronymized as LAMP stack):
- Linux – x86-64
- Apache – 2.x/ Nginx – 1.7.x
- MySQL – 5.6+
- PHP – 5.4+
Now, these requirements can be met by nearly any kind of hosting environment – shared, dedicated, VPS, or cloud. Managed or unmanaged. But how do you know what’s right for you?
Types of Magento Hosting
Shared Magento Hosting
Shared hosting is when you take up server space alongside other businesses. This means that your server maintenance costs are eliminated and you can reduce your hosting service costs. In addition, hardware maintenance costs are borne by your hosting provider. The best part? You’re left in peace, free to focus on running your store via a dashboard from where you can access your files, folders, and apps.
However, there’s a major drawback to shared hosting – when you’re sharing server space, you’re also sharing bandwidth. In other words, your service can be crippled if other sites on the server witness high demand. Shared servers are also particularly vulnerable to malicious cyber-attacks. Any threat to the server will mean that all the websites using it can be exposed.
This is not to say that it’s impossible to host Magento on shared servers. But it’s only recommended for smaller stores that can take the downtime and don’t plan to scale aggressively.
Dedicated Magento Hosting
When you opt for dedicated hosting, instead of sharing space on a server, you lease an entire server – which is usually housed in a data center. The first, immediate advantage of this setup is that it gives you full control of your server. You can run general software updates and install security patches, all without having to seek permission from your hosting provider. In fact, you can even select the type of hardware and operating system you’d like – as long as it’s Magento compliant.
The biggest downsides are price and lack of scalability. Dedicated hosting on average costs more than nearly any other hosting option. And given that you’ll be bound by the physical limitations of servers, you won’t be able to acquire the agility you need to quickly scale out during times of peak demand, meaning that your performance will start to lag. And if your server crashes for any reason (such as overwhelming, unmanageable traffic during the Holiday Season), it could be some time before you’re back up and customers can complete their transactions.
Virtual Private Server (VPS) Magento Hosting
VPS is technically a hybrid of dedicated and shared hosting. With VPS, your store’s hosting account is again on a server shared with others. However, you have dedicated virtual spaces within the servers, meaning that you have more dedicated resources for performance, which are split equally among other hosting accounts on the same server. So for all practical purposes, you have a dedicated virtual server on a shared physical server.
One of the big advantages of a VPS is that it’s more stable than a shared environment because there’s no sharing of performance resources, and since 10–20 stores can run on a single server, there’s more room for scaling as well. Finally, a VPS offers you considerable operational flexibility without affecting others sharing your server. This is not possible with shared hosting, since any customizations will affect other users’ configurations.
VPS hosting is, however, more expensive than shared hosting. Without adequate experience, you may find the configurations complicated, resulting in accidental deletion of important files. This hosting model works best for businesses that are just beginning to grow.
Cloud Magento Hosting
Used by the largest businesses on the web, cloud hosting is both popular and perfectly suited to the unpredictability of the ecommerce environment. The best part about using the cloud for hosting is that it allows virtually unlimited scaling of your server.
Since cloud hosting spans across multiple servers, unexpected peaks in traffic can be handled with ease, and without resulting in downtime or performance slowdowns, especially when your customers are browsing your products, or worse, attempting to checkout.
One more benefit of moving to the cloud is the pay-as-you-go model. Managed effectively, cloud hosting can be significantly more cost-effective because you are only using the capacity you need, when you need it. Poorly managed cloud hosting deployments, however, can be quite the opposite.
Managed vs Unmanaged Hosting
A fully managed Magento hosting provider is a specialist in Magento, and offers a complete suite of services from site migration and deployment, to the ongoing optimization of site security, scalability and performance as well as day-to-day management. Managed hosting requires little expertise or work from the business owner’s side, and entails a monthly retainer fee. Effective managed hosting service providers should provide a suite of technologies that are optimized for the Magento platform, such as elastic scaling (in and out) to handle sudden changes in traffic.
Managed hosting ensures constant monitoring, maintenance, and securing of servers and all critical applications. This makes managed hosting an extremely attractive option, since it ensures that systems will never be left unpatched and open to known or unknown vulnerabilities.
Unmanaged hosting, on the other hand, is like having your own server to maintain and control. It’s up to you to install security patches, configure all necessary software, and fix issues. Unmanaged hosting is, at face value, a cheaper option because you don’t have to pay for any routine support, but the hosting company’s responsibility stops at the maintenance of the physical hardware. Don’t expect help with anything beyond keeping the systems on and connected to the Internet.
Your host may be able to help fix issues outside of your skill set, but this will be an entirely manual process, and will be charged at an expensive, hourly rate. Unmanaged hosting is designed to give you full control over your own environment, provided you have the expertise and time to manage it. Without the right personnel, a site crash or cyber-attack could compromise your customers’ data and leave you without the means to get back online.
Choosing your Magento Hosting Provider
Top 6 Considerations
Choosing the right hosting provider is a critical decision for Magento merchants. Your hosting provider will offer the infrastructure and services necessary for your Magento store to be delivered to your customers. If that online shopping experience is anything but fast, secure and seamless, a potentially loyal lifetime customer can move on to your competitors.
Choosing the perfect hosting partner is critical to avoid customer drop-offs and loss of revenue, because how your application code, files, and data are hosted has a major impact on your store’s performance and availability. Important considerations to discuss with your prospective provider include expected store size, current and expected throughput, anticipated growth rate, scalability needs, performance expectations, and security protocols.
Here are our top six areas to focus on:
Ecommerce Store Size
Magento caters to online businesses of all sizes – small, mid-market, and enterprise. The hosting partner you choose will largely be influenced by the size of your business. The larger your Magento store, the more resources you’ll need to manage it. If you attract significant traffic, shared hosting is not recommended as slowdowns will be frequent, and could cost you sales. The speed of a Magento storefront can be a frequent cause for concern if not hosted correctly, particularly when developers are actively making updates to the codebase.
When you witness a traffic surge that’s 10X or 100X your usual traffic, your capacity can quickly be exceeded, causing your online store to crash or slow down enough to impact your ability to complete successful checkouts.
Once you’ve analyzed your store size, it’s time to look at how many requests, or how much traffic your hosting infrastructure will have to absorb and process during normal, as well as peak traffic periods. This will give you a good idea of the size and scope of the hosting architecture needed to support your traffic.
The best approach is to opt for a solution that automatically, and predictively, scales out and in depending on traffic volume. When you can predictively scale your infrastructure, you never fall behind demand, and you remain “right-sized” at all times. You also have the potential to save significant costs by avoiding being over-provisioned (with more capacity than you need), or to prevent expensive downtime by being under-provisioned.
Website Performance and Core Web Vitals
Outside of security, speed is the most important feature of an online store’s experience. No one likes or has the patience to stay on a sluggish website. Magento websites specifically tend to run slightly slower, when they aren’t properly optimized.
For consistently fast page load speeds, optimization of page content and intelligent caching are critical. Inefficient caching practices, latency issues, and lack of image and page optimization can hurt site performance. Note that you don’t need a premium content delivery network (CDN) for any of these features. You can get CDN services for anything between $0 and $1,000 a month for delivering a basic website, so do your research and pick the solution that best fits your needs.
Core Web Vitals (CWV) represent a specific aspect of the users’ real-world experience when visiting your site. They include the page loading experience (Largest Contentful Paint or LCP), interactivity (First Input Delay or FID), and visual stability of page content (Cumulative Layout Shift or CLS).
A Core Web Vitals score for your website that falls below 90, on desktop and mobile, can seriously impact your site’s search ranking because Google is now using the site’s user experience, as measured by speed optimization and page performance, to index and rank the website. A faster site delivers a better user experience, and there is a direct correlation between user experience, engagement, average cart size and revenue. If you improve your storefront’s CWV scores, Google Search will rank the site higher. Organic traffic is substantially more for websites with greater visibility on Google SERPs and during the holidays, you don’t want to miss out on those bargain hungry eyes.
RUM (Real User Monitoring) can give you unprecedented observability into your site’s performance and a CDN built for commerce can catapult your search rankings to the top. RUM helps ecommerce merchants and marketplaces get ahead of Core Web Vitals as the RUM tag measures important page load metrics like LCP, FCP, TTFB (Time To First Byte), DOM Interactive, DOM Content Loaded, Page Load Time, and Ready State Interactive. These metrics allow you to track your progress with real-time reports and take timely action to retain your search rankings and organic traffic.
This is the most important consideration for anyone looking for a Magento hosting plan. You should opt for a hosting plan with its own security in addition to Magento’s security features. This is largely because Magento’s security will only protect your store, not your hosting backend (environment). If you are relying on a bundled WAF or CDN from your ecommerce platform provider, be wary of grossly inadequate capabilities that can seriously impact the effectiveness of your website’s security, exposing you to significant levels of risk. Secure everything from the origin to the edge – traffic, browsers, and backend – and monitor everything.
The meteoric growth of ecommerce and increasingly omnichannel strategies adopted by merchants have multiplied the attack surface. Comprehensive protection can be ensured by software, automation, and analytics-led security that can proactively identify and protect web applications from a myriad of evolving threats like bad bots, DDoS attacks, Magecart attacks, credit card skimming, and fraud.
Security for modern commerce cannot be reactive or driven purely by “people power.” It has to be proactive to monitor, detect and defend against attacks in real-time, from the frontend through web traffic, malicious code inserted into the backend, bad bots or from browsers executing scripts to steal sensitive information. A knowledgeable 24×7 SecOps team to help with remediation and forensics is absolutely critical.
Every merchant and marketplace is unique with different requirements of their ecommerce technology provider. An ideal hosting provider should be ecommerce platform agnostic and accommodate any deployment model the merchant chooses to go with: monolithic, Jamstack, headless, PWA, mobile, kiosk, or desktop.
Support is a big differentiator for hosting providers, potentially the biggest. If you need help, you need to know who to call and you need to be confident they are not only intimate with your infrastructure, and your Magento application, but can quickly determine the root cause of the issue and resolve it as soon as possible.
Magento users typically need hosting assistance more often than the average online store owner, and a 24x7x365 DevSecOps support team with Magento and cloud expertise would be ideal. .
Look for a team that can work with you in real-time to proactively detect, prevent, and resolve issues, and make sure you’re looking at customer support SLAs when making a decision.
Comparison of Popular Magento Hosting Options
Scale or Fail
Scalability is critical to consider when selecting an ecommerce hosting platform for your Magento storefront, and there are many types to be aware of:
Vertical Scaling (also referred to as Scale Up)
Vertical scaling is when you attempt to increase the capacity/bandwidth of an existing single server that hosts your Magento site. This is done by adding more hardware to your server, in terms of processing power, RAM, storage, or any other resources.
Vertical scaling is usually expensive, and entails some downtime to upgrade your resources and restart. Moreover, it does not make your system fault tolerant. In other words, if you’re running a Magento site on a single server, and that server goes down or needs maintenance, your site goes down too. Finally, vertical scaling is limited in the sense that you can only scale within the confines of your server capacity.
Horizontal Scaling (also known as Scale Out)
Horizontal scaling is the process of adding more servers to deal with unpredictable, dynamic peaks in site traffic. This is usually accompanied by adding a load balancer (a reverse proxy) to distribute user requests (load) among the various servers in your new cluster.
The load balancer distributes load automatically by tracking the status of each server (how many requests each server is processing, which servers are idle, and which servers are overloaded with queued requests) and redirecting new requests to the next available server. It also factors in the network overhead before choosing a server.
Horizontal scaling is much faster than vertical scaling, and doesn’t require a restart of your system to take effect. Thus, horizontal scaling can be achieved with no downtime whatsoever, and without affecting the high availability of your Magento site.
Manual scaling, as the term implies, requires someone to manage scaling up and out (or down and in) as required. This is both time consuming and reactive, since it’s usually done in response to one or more spikes in demand.
In a physical data center-style setup, this can be very time-consuming. In the cloud, vertical as well as horizontal scaling can be achieved with a few clicks, so it’s a little easier. However, it still requires a physical person to intervene, which means that manual scaling cannot be done in response to minute-by-minute fluctuations in demand, which is how an ecommerce site typically witnesses traffic.
Manual scaling can also be prone to human error. If someone forgets to scale back down in time, it can result in unnecessary costs. In an ecommerce environment, it is nearly impossible to handle demand variations manually – or even in a scheduled manner.
Auto-scaling is the process of automatically scaling up or down the number of servers that are allocated to your Magento site, based on its needs at any point of time.
In dedicated hosting, it is extremely challenging to scale a website, let alone automatically scale it, since you are limited by your hardware resources. Once your servers are maxed out, your site will inevitably slow down and possibly even crash (depending on the significance of the traffic spike), causing you to lose precious customers as well as potential revenue.
Auto-scaling in the cloud allows you to configure trigger points (called alerts and alert escalations) that automatically react in pre-defined ways when thresholds are exceeded. For instance, when memory, network utilization, or request processing rates go above or below a predetermined threshold, your setup automatically scales up, down, in, or out.
The best part is that your architecture will automatically scale up and out (or down and in) to meet your demand variations over the lifetime of your business, regardless of how big or small your site becomes (or how fast or slow it grows) over that time.
This is when your hosting infrastructure scales not only automatically, but also predictively in anticipation of future traffic – based on current patterns and machine learning.
Predictive auto-scaling makes it possible to ensure that your Magento site is always up and available, and that it always has just the right resource provisioning to prevent site slowdowns or outages — without overpaying for resources.
Optimizing a Magento Store for Performance
Ensuring consistently fast page load speeds depends heavily on your caching and content optimization practices.
Remote Dictionary Server, or redis, is a popular open-source, caching management system, particularly for Magento 2. Redis caching keeps data in the server memory using a key-value system, so that data retrieval is effortless (since there are no complicated operations that slow down relational databases) and request processing, faster. Redis has been found to be faster than most other cache mechanisms.
The biggest advantage of redis caching is that being written in C, it’s blazing-fast. The cached data is stored and optimized by way of cache tags and inner indexation, further reducing the time taken to find the requested information. And if data has been requested before, redis caching accesses it even faster. Also, redis natively supports most of the data types, including hashes, sorted sets, set, and list.
Varnish cache, on the other hand, is a web application accelerator also known as caching HTTP reverse proxy. It works by caching web server responses – so, when there’s a visitor request, site pages are loaded directly from the Varnish cache. However, the biggest disadvantage of Varnish is its complexity. Varnish is also not fully compatible with a few third-party Magento extensions, and its optimal configuration is challenging.
Do you need a CDN with Magento Hosting?
A CDN (Content Delivery Network) typically hosts the heaviest elements of a page, reducing the page’s loading time and boosting performance. For ecommerce websites with hundreds of product images, and global customers accessing them using various devices and browsers, a CDN is a critical component to ensure a seamless browsing experience. CDN providers must also bring in-depth security expertise, to proactively monitor and defend against emerging cyberthreats.
However, not all CDNs are created equal, and the demands of modern commerce—from industry-beating Core Web Vitals to the rapid deployment of services around security, headless and PWA environments—are pushing the industry to deliver new edge platforms to enable these varied use cases.
New-age edge CDNs accelerate page load times by selectively caching static assets and utilizing pre-deployed code at edge nodes closest to the requester, for tasks such as image optimization, or security against carding attacks. This reduces latency while offering deep application insight and observability, with real-time logging and flexible security policy controls. New code deployments can be automatically tested and deployed at global edge locations too without any IT or DevOps constraints around the provisioning, scaling, or management of origin servers.
Dynamic Site Caching
Dynamic site content changes based on user-related factors, such as location, device, and time of visit. A dynamic web page is unique to each user, and it can change further as users interact with it. This makes web pages highly personalized and interactive, in turn making for better user engagement.
Most ecommerce pages are dynamic and personalized based on a user’s shopping behavior, so they cannot be cached and re-used for other visitors. Anonymous users however, as well as bots, can receive cached HTML pages. Dynamic Site Cache delivers blazing fast page loads for users when they visit an online store for the first time, by allowing caching of HTML pages and content for anonymous sessions.
Also, with Dynamic Site Cache enabled, the application origin is no longer processing bot traffic, therefore increasing the efficiency of the application infrastructure, improving performance and reducing operating costs.
A typical ecommerce site displays hundreds or even thousands of images every day. As 60% of the weight of a typical ecommerce page can be in images, an improvement in the size of images, and the bandwidth they consume, can result in much faster page load times and a more engaging customer experience.
Image Management solutions can automatically resize, reformat, or compress images based on end user latency, device type, screen resolution, and browser type, thus improving page load speeds.
Image Management tools can also manipulate images dynamically and on-demand, so there is no need to store different variants of an image statically on the origin server, thus reducing storage costs. In addition, automating this task reduces the need to hire costly in-house teams.
Site administrators can also use image management solutions to perform customizations on product images, such as zoom-in, logo or text overlays, and color changes on-the-fly, greatly enhancing the shopping experience across platforms and improving engagement.
Furthermore, image management solutions ensure that the best suited image is dynamically delivered to every device, including smartwatches, tablets, and smartphones, every time.
Securing a Magento Store Against Cyberattacks
Hackers are becoming increasingly sophisticated and innovative in executing attacks. Every ecommerce platform, including Magento, is vulnerable unless 360-degree security is established to defend against traffic-based attacks at the edge, malware insertions at the backend, bad bots, browsers executing mischievous scripts or third-party software that’s been compromised. With Magento, installing security patches as soon as they are available, and upgrading to the latest version are two best bets to stay ahead of the hacker.
How Magento attacks are executed
Magecart is an association of threat actor groups who target online shopping carts, mostly from within the ecommerce platform Magento. The Magecart name is derived by combining ‘Mage’ (from Magento) with ‘cart’ (shopping cart). This type of attack is especially dangerous as it only takes one line of code to steal payment card data.
Many Magento merchants are slow to install security patches, and these temporarily exposed vulnerabilities are one of the most common routes taken by cyber-attackers looking to exploit a storefront’s underlying code. Once they find such vulnerabilities, malicious code is uploaded and executed to gain full access to the system, customer data, credit card information and more.
But even a fully patched, up-to-date system can be left vulnerable if it hasn’t been properly configured, or if merchants do not follow the best practices of information security. Then there are also brute-force attacks and those that target zero-day vulnerabilities.
Improving your Magento store’s security
Cybersecurity is an arms race. As attackers get smarter, more sophisticated, and more determined, your best bet is to try and stay at least a couple of steps ahead.
When Magento publishes a vulnerability along with its security patch, run it immediately. Hackers monitor the release of these patches, and actively seek out sites that have yet to install them. Get to your vulnerability before they do, and if you can’t, work with a security partner that can.
Implement an ecommerce security solution that leverages real-time CSP (content security policy) protection to proactively identify script violations and prevent them from impacting the application.
Next, make sure you control admin access. Allow-list all your admin IDs, and restrict access to just those IDs. Make sure you frequently monitor and audit all access to this section. You also need to have mechanisms in place to prevent unauthorized PHP execution.
Bot management is another extremely important part of your cybersecurity strategy. Malicious bots need to be denied access to your site, as they can dramatically skew traffic data, as well as drain your infrastructure and cause it to scale unnecessarily. However, merchants must also ensure they’re not blocking good bots, like those deployed by Google or Bing to make your website easy to find on their search engines, are being restricted access as well.
Work with a hosting provider that is PCI-DSS, SOC2 and HIPAA compliant and can help you with your timely certificate renewals as well.
Magento Hosting with Webscale
Webscale is more than just a hosting provider. We are the fastest and most secure cloud platform for Modern Commerce. With thousands of Magento storefronts in the public cloud, Webscale offers the only cloud hosting and management solution that delivers 100% uptime, powerful enterprise-grade security, blazing-fast performance, high Core Web Vitals and 24x7x365 DevSecOps Support, along with unprecedented levels of real-time control and deep observability through the Webscale Portal. Webscale’s automated code deployments and managed CI/CD helps you migrate to any public cloud environment, so you can realize the true benefits of the cloud – extreme flexibility, infinite capacity, predictive scalability, and up to 75% lower costs by having a system that is always right-sized, so you only pay for what you use.
Request a Meeting
Schedule a 15-minute call with one of our ecommerce specialists