Security implications of the Magento 1 sunset (end-of-life)

Magento 1 will no longer receive security patches from Adobe after June, 2020 (source). This does not mean your store will get hacked on July 1st, but the risk of a breach will increase over time. Adobe is pushing merchants to upgrade to Magento 2, which is a sane choice for larger stores. 

Should you, for some reason, want to stay on Magento 1, there are a few strategies:

A. Outsource extended Magento 1 support

A number of companies have emerged who specialize in extended (security) support for Magento 1. The most promising is German Mage-One, which is backed by a team of well-known Magento contributors.

B. Hire an on-site Magento 1 developer

Should any security issues surface, it is likely that the open source community will quickly produce a code fix. As community-sourced code does not provide any guarantees, you will need an on-site developer who can assess the fix and any implications for your store. It is recommended to engage a developer who has experience with your store and code.

This page was last updated at May 21st, 2020

Need expert advice?

We are here to help!

Get in touch