THE ULTIMATE GUIDE TO
MAGENTO HOSTING

introduction to magneto platform

Magento is undoubtedly one of the most popular enterprise-class ecommerce platforms available in the market. With its comprehensive suite of tools, enabling merchants to deliver online storefronts with a customizable and professional look and feel, it powers over 250,000 online retailers, and is chosen by one out of four merchants.

One of the best aspects of the Magento platform is its ability to cater to small hobby stores, mid-market, and enterprise-scale customers alike.

Aspects of Magento Platform - Compatibility, Performance, Scalability, Security etc
Advantages of Using Magento for Online Stores

ADVANTAGES OF USING MAGENTO 

CUSTOMIZABLE

Magento has a flexible template architecture, which means that you can customize just about everything. With full control over the code, merchants can develop functionality based on their individual needs. The result? Online storefronts that are only limited by your imagination.

FEATURE-RICH

Even Magento Community, a free open-source version of the platform, boasts features that are not commonly available in other platforms. For instance, it allows you to manage multiple storefronts and locations, accepts global currencies, supports multiple languages, and is mobile and SEO-friendly.

SCALABLE

Magento is a platform that has been built to scale. In other words, whether you’re selling a handful of products, or if your catalog extends to millions of different items, Magento grows with your business.

SEO-FRIENDLY

Consistently improving SEO is critical to ecommerce success. Magento offers a host of SEO-friendly features, such as search-friendly URLs, sitemaps, meta tags, descriptions, and includes analytics to track visitors.

MOBILE-FRIENDLY

It’s a mobile-first world, and sites must be optimized to deliver great user experiences, on any device. Magento allows store owners to develop mobile sites with ease, ensuring seamless shopping environments, and helping to reduce bounce rates while driving sales.

MASSIVE COMMUNITY

Magento users have access to the resources of its vast community. With over 360k forum members and 5.9k contributors from the user, developer, and designer ecosystems, these resources mean that if you have a problem, chances are you’ll find a solution to it.

DISADVANTAGES OF USING MAGENTO 

Need for hosting

Despite the increasing popularity of the cloud, many Magento sites are still hosted on the dedicated servers, configured either by developers or the merchants themselves, or by providers that specialize in Magento dedicated hosting. These, typically shared, hosting environments can be highly problematic, resulting in slow and often frustrating end-user experiences.

Expensive plans

While the community version of Magento is free of cost, its enterprise version (Magento Enterprise) can be prohibitively expensive (tens of thousands of dollars), depending on the version of Magento you’re using, and your gross merchandise value (GMV).

Complex, time-consuming customization

Magento’s flexible architecture is complex. It usually takes more time and effort to make customizations in Magento than it does to make those same changes in other platforms. In other words, you will need to invest heavily in your developer’s Magento education and certification, or like many merchants, employ experienced third parties for this task.

Security patches

Ecommerce remains a popular target for hackers, and while Magento regularly rolls out security updates, these patches must be manually installed in a timely fashion.

Developers must be chosen wisely

Since Magento sites are forged from a massive ecosystem consisting of more than 20,000 files and 200 database tables, it takes a proficient developer with a solid grasp of object-oriented development and expertise with the core software to find their way around. There are many that claim this experience but are unable to deliver, so pick your development partner carefully.

Poor support

Support on Magento, especially for its Cloud edition, is known to have issues. When you run into a security issue, particularly with Magento Community, it may take anything from weeks to months to get an update to fix it – leaving your site at risk for the entire period. On the other hand, if you choose to bypass official support, and are lucky enough to find an expert Magento developer to handle the issue, it can be expensive.

Frequent updates and migrations

Working with Magento means you have to undergo an endless series of maintenance and security updates or patches, which is not a straightforward process. You are typically directed to migrate/replatform to the newest version of Magento, every time one is released, with previous versions eventually being designated end-of-life. For instance, currently, Magento 1 users are being forced to replatform to Magento 2. The process is neither easy nor cheap, and requires a lot of planning, time, resources, and exhaustive testing to be successful. A lot of Magento 1 themes and extensions that you were used to in Magento 1 are no longer compatible in Magento 2.

MAGENTO COMMUNITY VS ENTERPRISE

Magento Community Page on a Laptop Screen

MAGENTO COMMUNITY

Magento Community is an entirely free development platform that can be used to develop and customize an ecommerce store. Given that it requires literally zero initial investment and meets all the requirements of a small store, it works really well for a lot of small and mid-sized business owners. Easy to configure Magento extensions are also available to add more functionality where needed.

Magento Enterprise Page on a Laptop Screen

MAGENTO ENTERPRISE

Magento Enterprise is a premium paid version of Magento, designed for stores that need more advanced functionality and customizations, making it a solution for medium to large-scale business owners. The Enterprise edition comes with features such as return management authorization, advanced segmentation with targeted offerings, call center software integration with assisted shopping, price and promotion permission, enhanced catalog and content management system (CMS) and more.

Enterprise subscribers benefit from full support via phone and email with installation, configuration, usage, security updates,exclusive product enhancements, and troubleshooting. Magento Enterprise, however, can be cost-prohibitive in a lot of cases.

MAGENTO 1 VS MAGENTO 2

Moving from Magento 1 (M1) to Magento 2 (M2) is not a simple upgrade; it’s an entire replatforming exercise. Magento 2 is an entirely new platform with significant framework differences and a very dissimilar hosting backend. An M2 site needs to be built from the ground up, requiring extensive resource and time commitments.

Magento 1’s end-of-life (EOL) is coming up in June 2020, after which time merchants with online stores deployed on M1 will lose all access to new features, functionality updates, bug fixes, and support from Adobe/Magento. Most importantly, any future vulnerabilities exposed will no longer be addressed with new security patches from the company.

M2 Enterprise has a much lower market share than M2 Community, and M1 is still leading M2 in market share. A significantly higher proportion of sites are moving from M1.x to M1.9, compared to the M1.x to M2.x transition. M2 has its share of problems too – the performance of M2 sites has been disappointing for merchants.

Merchants that want to re-platform should take the time they need to get it done with the right partner and appropriate planning. Check out replatforming best practices here. In the meantime, offerings like Webscale M1 Support can help to extend the lifespan of M1 stores, while securing them against exploits.

Magento 1 vs Magento 2 - A confused retailer is looking at the roadside board showing two directions

WHAT IS MAGENTO HOSTING?

Given its powerful features and functionalities, Magento works best with a solid hosting infrastructure that can deliver a great user experience: 100% availability, unlimited scalability, 360° security, and consistently fast performance.

TYPES OF MAGENTO HOSTING

Types of Magento Hosting – Shared, Dedicated, VPS, Cloud etc

SHARED MAGENTO HOSTING


Shared hosting is when you share server space alongside other businesses. This means that your server maintenance costs are eliminated and you can reduce your hosting service costs. In addition, hardware maintenance costs are borne by your hosting provider. You’re free to focus on running your store via a dashboard from where you can access your files, folders, and apps.

However, when you’re sharing server space, you’re also sharing bandwidth. In other words, your service can be crippled if other sites on the server witness high demand. Shared servers are also particularly vulnerable to cyber-attacks. Any threat to the server will mean that all the websites using it can be exposed.

This is not to say that it’s impossible to host Magento on shared servers. But it’s only recommended for smaller stores that can take the downtime and don’t plan to scale aggressively.

Shared Hosting Servers Connected to Online Storefronts

DEDICATED MAGENTO HOSTING


When you opt for dedicated hosting, instead of sharing space on a server, you lease an entire server – which is usually housed in a data center. The first, immediate advantage of this setup is that it gives you full control of your server. You can run general software updates and install security patches, all without having to seek permission from your hosting provider. In fact, you can even select the type of hardware and operating system you’d like – as long as it’s Magento compliant.

The biggest downsides are price and lack of scalability. Dedicated hosting on average costs more than nearly any other hosting option. And given that you’ll be bound by the physical limitations of servers, you won’t be able to acquire the agility you need to quickly scale out during times of peak demand, meaning that your performance will start to lag. And if your server crashes for any reason (such as overwhelming, unmanageable traffic during the Holiday Season), it could be some time before you’re back up and customers can complete their transactions.

Dedicated Hosting Server Connected to Storefront

VIRTUAL PRIVATE SERVER (VPS) MAGENTO HOSTING


VPS is technically a hybrid of dedicated and shared hosting. With VPS, your store’s hosting account is again on a server shared with others. However, you have dedicated virtual spaces within the servers, meaning that you have more dedicated resources for performance, which are split equally among other hosting accounts on the same server. So for all practical purposes, you have a dedicated virtual server on a shared physical server.

One of the best advantages of a VPS is that it’s more stable than a shared environment because there’s no sharing of performance resources, and since 10–20 stores can run on a single server, there’s more room for scaling as well. Finally, a VPS offers you considerable operational flexibility without affecting others sharing your server. This is not possible with shared hosting, since any customizations will affect other users’ configurations.

VPS hosting is, however, more expensive than shared hosting. Without adequate experience, you may find the configurations complicated, resulting in accidental deletion of important files. This hosting model works best for businesses that are just beginning to grow.

Virtual Private Server (VPS) Connecting Magento Sites

CLOUD MAGENTO HOSTING


Used by the largest businesses on the web, cloud hosting is both popular and perfectly suited to the unpredictability of the ecommerce environment. The best part about using the cloud for hosting is that it allows virtually unlimited scaling of your server .

Since cloud hosting spans across multiple servers, unexpected peaks in traffic can be handled with ease, and without resulting in downtime or performance slowdowns, especially when your customers are browsing your products, or worse, attempting to checkout.

One more benefit of moving to the cloud is the pay-as-you-go model. Managed effectively, cloud hosting can be significantly more cost-effective because you are only using the capacity you need, when you need it. Poorly managed cloud hosting deployments, however, can be quite the opposite.

Cloud Magento Hosting – Cloud Server connected to Magento Storefronts

MANAGED VS UNMANAGED HOSTING


A fully managed Magento hosting provider is a specialist in Magento, and offers a complete suite of services from site migration and deployment, to the ongoing optimization of site security, scalability and performance as well as day-to-day management. Managed hosting requires little expertise or work from the business owner’s side, and entails a monthly retainer fee. Effective managed hosting service providers should provide a suite of technologies that are optimized for the Magento platform, such as elastic scaling (in and out) to handle sudden changes in traffic.

Managed hosting ensures constant monitoring, maintenance, and securing of servers and all critical applications. This makes managed hosting an extremely attractive option, since it ensures that systems will never be left unpatched and open to known or unknown vulnerabilities.

Managed vs Unmanaged Hosting – An Engineer is Connecting the Cables on Server


Unmanaged hosting, on the other hand, is like having your own server to maintain and control. It’s up to you to install security patches, configure all necessary software, and fix issues. Unmanaged hosting is, at face value, a cheaper option because you don’t have to pay for any routine support, but the hosting company’s responsibility stops at the maintenance of the physical hardware. Don’t expect help with anything beyond keeping the systems on and connected to the Internet however.

Your host may be able to help fix issues outside of your skill set, but this will be an entirely manual process, and will be charged at an expensive, hourly rate. Unmanaged hosting is designed to give you full control over your own environment, provided you have the expertise and time to do it. Without the right personnel, a site crash or cyber-attack could compromise your customers’ data and leave you without the means to get back online.

CHOOSING YOUR MAGENTO HOSTING PROVIDER: TOP 5 CONSIDERATIONS

Choosing the right hosting provider is a critical decision for Magento merchants. Your hosting provider will provide the infrastructure and services necessary for your Magento store to be delivered to your customers. If that online shopping experience is anything but fast, secure and seamless, a potentially loyal lifetime customer can move on to your competitors.

Choosing the perfect hosting partner is critical to avoid customer drop-offs and loss of revenue, because how your application code, files, and data are hosted has a major impact on your store’s performance and availability. Important considerations to discuss with your prospective provider include expected store size, current and expected throughput, anticipated growth rate, scalability needs, performance expectations, and security processes.

Here are our top five areas to focus on:

Choosing Your Magento Hosting Provider – Confused Retailer with Lots of Questions

1. ECOMMERCE STORE SIZE


Magento caters to online businesses of all sizes – small, mid-market, and enterprise. The hosting partner you choose will largely be influenced by the size of your business. The larger your Magento store, the more resources you’ll need available to you to manage it. If you attract significant amount of traffic, shared hosting is not recommended as slowdowns will be frequent, and could cost you sales. The speed of a Magento storefront can be a frequent cause for concern if not hosted correctly, particularly when developers are actively making updates to the codebase.

2. SCALABILITY


When you witness a traffic surge that’s 10X or 100X your usual traffic, your capacity can quickly be exceeded, causing your online store to crash or slow down enough to impact your ability to complete successful checkouts.

Once you’ve analyzed your store size, it’s time to look at how many requests, or how much traffic your hosting infrastructure will have to absorb and process during normal, as well as peak traffic periods. This will give you a good idea of the size and scope of the hosting architecture needed to support your traffic.

The best solution is to opt for a setup that automatically, and predictively, scales out and in depending on traffic volume. When you can predictively scale your infrastructure, you never fall behind demand, and you remain “right-sized” at all times. You also have the potential to save significant costs by avoiding being over-provisioned (with more capacity than you need), or to avoid expensive downtime by being under-provisioned.

3. WEBSITE PERFORMANCE


Outside of security, speed is the most important feature of an online store’s experience. No one likes – or has the patience to stay on – a sluggish website. Magento websites specifically tend to run slightly slower, when they aren’t properly optimized.

For consistently fast page load speeds, optimization of page content and intelligent caching are critical. Inefficient caching practices, latency issues, and lack of image and page optimization can hurt site performance. Note that you don’t need a premium content delivery network (CDN) for any of these features. You can get CDN services for anything between $0 and $1,000 a month for delivering a basic website, so do your research and pick the solution that best fits your needs.

4. CYBERSECURITY


This is the most important consideration for anyone looking for a Magento hosting plan. You should opt for a hosting plan with its own security in addition to Magento’s security features. This is largely because Magento’s security will only protect your store, not your hosting backend (environment). With hackers getting smarter and more sophisticated, attacks are increasingly targeting the backend and the application layer, where hackers can change the filesystem and insert malicious code or executables that can be easily exploited at a later date.

A basic web application firewall (WAF) just doesn’t cut it anymore. Make sure that you ask your hosting provider if they have the necessary sophisticated cybersecurity measures in place to prevent all types of cyber-attacks, ranging from DDoS to credit card theft attempts. Also make sure they have a SecOps team dedicated to monitoring security feeds and applying fixes across their customers to protect sites against vulnerabilities in real-time.

5. SUPPORT


Support is a big differentiator for hosting providers, potentially the biggest. If you need help, you need to know who to call and you need to be confident they are not only intimate with your infrastructure, and your Magento application, but they can quickly determine root cause of the issue and resolve it as soon as possible.

Magento users typically need hosting assistance more often than the average online store owner, and a support team that mechanically follows a troubleshooting script is not very helpful.

Magento’s own hosting option, Magento Commerce Cloud, unfortunately, has had a lot of criticism for their support

Look for a team that can work with you in real-time to proactively detect, prevent, and resolve issues, and make sure you’re looking at customer support SLAs when making a decision.

SCALE OR FAIL

Scale or Fail – Scalability is critical to consider when selecting an ecommerce hosting platform

Scalability is critical to consider when selecting an ecommerce hosting platform for your Magento storefront, and there are many types to be aware of:

VERTICAL SCALING (ALSO REFERRED TO AS SCALE UP)


Vertical scaling is when you attempt to increase the capacity/bandwidth of an existing single server that hosts your Magento site. This is done by adding more hardware to your server, in terms of processing power, RAM, storage, or any other resources.

Vertical scaling is usually expensive, and entails some downtime to upgrade your resources and restart. Moreover, it does not make your system fault tolerant. In other words, if you’re running a Magento site on a single server, and that server goes down or needs maintenance, your site goes down too. Finally, vertical scaling is limited in the sense that you can only scale within the confines of your server capacity.

HORIZONTAL SCALING (ALSO KNOWN AS SCALE OUT)


Horizontal scaling is the process of adding more servers to deal with unpredictable, dynamic peaks in site traffic. This is usually accompanied by adding a load balancer (a reverse proxy) to distribute user requests (load) among the various servers in your new cluster.

The load balancer distributes load automatically by tracking the status of each server (how many requests each server is processing, which servers are idle, and which servers are overloaded with queued requests) and redirecting new requests to the next available server. It also factors in the network overhead before choosing a server.

Horizontal scaling is much faster than vertical scaling, and doesn’t require a restart of your system to take effect. Thus, horizontal scaling can be achieved with no downtime whatsoever, and without affecting the high availability of your Magento site.

MANUAL SCALING


Manual scaling, as the term implies, requires someone to manage scaling up and out (or down and in) as required. This is both time consuming and reactive, since it’s usually done in response to one or more spikes in demand.

In a physical data center-style setup, this can be very time-consuming. In the cloud, vertical as well as horizontal scaling can be achieved with a few clicks, so it’s a little easier. However, it still requires a physical person to intervene, which means that manual scaling cannot be done in response to minute-by-minute fluctuations in demand, which is how an ecommerce site typically witnesses traffic.

Manual scaling can also be prone to human error. If someone forgets to scale back down in time, it can result in unnecessary costs. In an ecommerce environment, it is nearly impossible to handle demand variations manually – or even in a scheduled manner.

AUTO-SCALING


Auto-scaling is the process of automatically scaling up or down the number of servers that are allocated to your Magento site, based on its needs at any point of time.

In the age of dedicated hosting, it was extremely challenging to scale a website, let alone automatically scale it, since you were limited by your hardware resources. Once your servers were maxed out, your site would inevitably slow down and possibly even crash (depending on how significant the traffic spike was), causing you to lose precious customers as well as potential revenue.

Auto-scaling in the cloud allows you to configure trigger points (called alerts and alert escalations) that automatically react in pre-defined ways when thresholds are exceeded. For instance, when memory, network utilization, or request processing rates go above or below a predetermined threshold, your setup automatically scales up, down, in, or out.

The best part is that your architecture will automatically scale up and out (or down and in) to meet your demand variations over the lifetime of your business, regardless of how big or small your site becomes (or how fast or slow it grows) over that time.

PREDICTIVE AUTO SCALING


This is when your hosting infrastructure scales not only automatically, but also predictively in anticipation of future traffic – based on current patterns and machine learning.

Predictive auto-scaling ensures your Magento site is always up and available, and that it always has just the right resource provisioning to prevent site slowdowns or outages — without overpaying for resources.

OPTIMIZING A MAGENTO STORE FOR PERFORMANCE

Ensuring consistently fast page load speeds depends heavily on your caching and content optimization practices.

40% users abandon the website that takes more than 3 seconds to load
47% users except a web page to load in 2 seconds or less
52% users state that quick page loading is important to their site loyalty
79% users are dissatisfied with website performance are less likely to buy from the same site again

REDIS CACHE


Remote Dictionary Server, or redis, is a popular open-source, caching management system, particularly for Magento 2. Redis caching keeps data in the server memory using a key-value system, so that data retrieval is effortless (since there are no complicated operations that slow down relational databases) and request processing, faster. Redis has been found to be faster than most other cache mechanisms.

The biggest advantage of redis caching is that being written in C, it’s blazing-fast. The cached data is stored and optimized by way of cache tags and inner indexation, further reducing the time taken to find the requested information. And, if data has been requested before, redis caching accesses it even faster. Redis natively supports most of the data types, including hashes, sorted sets, set, and list.

VARNISH CACHE


Varnish cache, on the other hand, is a web application accelerator also known as caching HTTP reverse proxy. It works by caching web server responses – so, when there’s a visitor request, site pages are loaded directly from the Varnish cache. However, the biggest disadvantage of Varnish is its complexity. Varnish is also not fully compatible with a few third-party Magento extensions, and its optimal configuration is challenging.

DO YOU NEED A CDN WITH MAGENTO HOSTING?


A CDN (Content Delivery Network) is essentially a geographically dispersed network of servers. Each such server, called a node (or edge server), caches static content (such as images, CSS, or JS files) of web pages. Thus, when a user requests a page to load, the edge server in closest proximity to the user delivers this static content. This minimizes latency, since a majority of page load time is typically spent on retrieving content from the origin.

With the “building blocks” of web pages stored in as many edge servers as possible, your Magento site experience will be significantly faster. Even more importantly, CDNs are essential because no matter where your Magento store is hosted, you need to be able to deliver the same site experience to all your users, regardless of where they’re located.

CDNs also help prevent site crashes during traffic surges, since they distribute bandwidth across multiple servers instead of routing all traffic through a single server.

All that said, CDNs add very little value when serving users/shoppers over a small geographic area. That’s where content optimization at the origin makes a big difference.

DYNAMIC SITE CACHING


Server depicting dynamic site caching

Dynamic site content changes based on user-related factors, such as location, device, and time of visit. A dynamic web page is unique to each user, and it can change further as users interact with it. This makes web pages highly personalized and interactive, in turn making for better user engagement.

Most ecommerce pages are dynamic and personalized based on a user’s shopping behavior, so they cannot be cached and re-used for other visitors. Anonymous users however, as well as bots, can receive cached HTML pages. Dynamic Site Cache delivers blazing fast page loads for users when they visit an online store for the first time, by allowing caching of HTML pages and content for anonymous sessions.

Also, with Dynamic Site Cache enabled, the application origin is no longer processing bot traffic, therefore increasing the efficiency of the application infrastructure, improving performance and reducing operating costs.

IMAGE MANAGEMENT


Image Management - Different screen sizes showing image resizing

A typical ecommerce site displays hundreds or even thousands of images every day. As 60% of the weight of a typical ecommerce page can be in images, an improvement in the size of images and the bandwidth they consume, can result in much faster page load times and a more engaging customer experience.

Image management solutions can automatically resize, reformat, or compress images based on end user latency, device type, screen resolution, and browser type, thus improving page load speeds.

Image management tools can also manipulate images dynamically and on-demand, so there is no need to store different variants of an image statically on the origin server, thus reducing storage costs. In addition, automating this task reduces the need to hire costly in-house teams.

Site administrators can also use image management solutions to perform customizations on product images, such as zoom-in, logo or text overlays, and color changes on-the-fly, greatly enhancing the shopping experience across platforms and improving engagement.

Furthermore, image management solutions ensure that the best suited image is dynamically delivered to every device, including smartwatches, tablets, and smartphones, every time.

SECURING A MAGENTO STORE AGAINST CYBERATTACKS

According to a 2019 survey by Foregenix, over 75% of Magento websites globally were at a high risk of cyber-attacks. Hackers targeting ecommerce sites are becoming more and more sophisticated. Given the variety of attack vectors that cyber-criminals have at their disposal today, attacking a Magento storefront is sadly quite simple if the appropriate precautions are not taken.

Securing a Magento Storefront against Cyberattacks

How Magento attacks are executed

Many merchants are slow to install security patches, and these temporarily exposed vulnerabilities are one of the most common routes taken by cyber-attackers looking to exploit a storefront’s underlying code. Once they find such vulnerabilities, malicious code is uploaded and executed to gain full access to the system, customer data, credit card information and more.

But even a fully patched, up-to-date system can be left vulnerable if it hasn’t been properly configured, or if merchants do not follow the best practices of information security. Then there are also brute-force attacks and those that target zero day vulnerabilities.

How Magento Attacks are Executed - A man on harness is trying to hack a system

Improving your Magento store’s security

Cybersecurity is an arms race. As attackers get smarter, more sophisticated, and more determined, your best bet is to try and stay at least a couple steps ahead.

When Magento publishes a vulnerability along with its security patch, run it immediately. Hackers monitor the release of these patches, and actively seek out sites that have yet to install them. Get to your vulnerability before they do, and if you can’t, work with a security partner that can.

Next, make sure you control admin access. Whitelist all your admin IDs, and restrict access to any others. Make sure you frequently monitor and audit all access to this section. You also need to have mechanisms in place to prevent unauthorized PHP execution.

Bot management is another extremely important part of your cybersecurity strategy. Malicious bots need to be denied access to your site, as they can dramatically skew traffic data, as well as drain your infrastructure and cause it to scale unnecessarily. However, merchants must also ensure they’re not blocking good bots, like those deployed by Google or Bing to make your website easy to find on their search engines, are being restricted access as well.