Your Digital Commerce Experts
Nexcess Logo

Nexcess Blog

July 06, 2020

Magento 1 End of Life: It’s July. Is your store safe?

We made it to July. Congratulations.

I’m guessing your online store, if you’re running Magento 1, is still standing – even if companies large and small were telling you that the “end of life” situation with Magento 1 was dire. If you’ve been reading things we’ve written already about it, you know we were big fans of being honest without creating alarm and stress.

But now we’re here – past Magento 1’s end of life, and we need to ask the question, the one you’re likely asking yourself already. Is your store safe?

I think there are four ways to answer that question.

Is your store’s code safe?

The good news is that nothing about the code that was running on your site last month has changed this month. What worked last quarter will work this quarter. Files didn’t suddenly go bad or corrupt. And there weren’t any special protections on your files or code that expired.

The End of Life declaration for Magento 1 code from Adobe/Magento means that if some new bug were found, they wouldn’t be creating patches any longer. But that is a statement about the future, not about the code that has been running your store up until now.

So the answer to this version of the question, is yes, as of right now, your code is safe.

Is your store safe to handle financial transactions?

Another way to ask the question is whether the code itself is good to handle financial transactions. In other words, will your store remain PCI compliant? And the good news again is that there hasn’t been any sudden change that would make your store out of compliance simply because Adobe has said they want you to move to Magento 2 now.

That said, we’re not answering this question flippantly. The reality is that PCI compliance is a constant and ongoing dynamic that requires that everyone stay vigilant with compliance scans. If a scan comes back with a gap or issue, the only way to stay compliant is to address the issues.

But if Adobe / Magento aren’t publishing patches and your scan comes back with a vulnerability, how do you handle it? It’s a great question and the driver behind our creation of the Nexcess Safe Harbor program. We have your back.

Nevertheless, at this point, shy of something changing, you’re good to go with handling transactions unless your payment gateway decides to stop supporting their Magento 1 module.

If that happens, we strongly suggest you check out Stripe, who has a commitment to keeping their Magento 1 module going for their customers.

Is your store safe from external attack?

Another way to ask the safety question is to wonder about external attacks – malicious players who know that we’ve reach the end of life for Magento 1 and they want to take advantage of the situation.

Most hosts have some level of protection against bad actors. This kind of question is something you should ask them directly about.

What I can tell you about Nexcess is that we’ve been hosting and supporting Magento 1 merchants since Magento was created. We know the codebase and we’ve created dedicated hosting solutions for stores of every size. Along with that, we’ve created a best-in-class security infrastructure that supports Magento 1 stores.

But if your current host doesn’t give you some great answers, or if they tell you that your only answer is to migrate your store to Magento 2 hosting, then I’d love to introduce you to our Safe Harbor program, which provides malware detection, firewalls and IP protection, and so much more.

Will your store continue to stay safe?

The last way I think about this question of safety is about the condition of your store as things continue to evolve and change.

One of the things we talk about here a lot is the evaluation and transition that many merchants have been considering to other platforms – like Magento 2, WooCommerce, Shopify and BigCommerce.

Every one of those transitions, if they happen, take time. So what do you do if you want to start that kind of transition but still want to keep your Magento 1 store safe? Some of these migrations take months, others can take quarters.

The good news, and you’ve seen me reference it multiple times already, is our Nexcess Safe Harbor product that isn’t a long-term contract. It’s a month-to-month solution that provides protection even as you consider and potentially begin a migration of your store.

No matter what, there’s a way to keep your store safe

As you can see, any way you ask the question, the answer remains the same. With Nexcess as your hosting partner, we’re here to help you feel confident about running your Magento 1 store. No matter what, there’s a way to keep your store safe.