Do these two things to keep your Magento 1 store running after June
by Sansec Forensics Team
Published in Threat Research − May 28, 2020
Over a 100 thousands Magento 1 stores will be running after Adobe terminates support in June (end-of-life). Many merchants need more time to transition to Magento 2 or another platform. No need to panic, your store will not suddenly crash on July 1st. But you should make two important arrangements to enjoy continued payments and to prevent a security incident.
It boils down to getting the proper updates in place, at the right time. Or a brick & mortar analogy: you need a security camera and solid locks.
First: know WHEN an update is required
Hackers typically exploit software bugs to get into your store. Critical bugs in Magento or third party components are discovered about once or twice per month. Not all bugs apply to every store, but when one does, you really want to get a fix in place within 48 hours of the bug publication. Some bugs are exploited within hours on a massive scale.
Tracking these bugs in Magento and perhaps a few dozen installed extensions is very time consuming. So let software do that for you! Our eComscan monitoring solution is specifically made to find critical issues in Magento stores and third party components.
Additionally, eComscan will also discover malicious activity and find previously hidden backdoors. This is essential information for any store owner.
Second: know WHERE to get a future update
When eComscan discovers a critical bug in your Magento 1 store platform, it will alert you right away, and suggest an emergency fix. However, this only functions as first line of defense. You should get a proper, functional patch installed within 2 weeks. Adobe will no longer provide these patches, but several parties have stepped in.
Mage-One offers commercial Magento 1 support contracts. This is a recommended solution, when you do not have senior, experienced Magento developers on-site.
An open-source solution is OpenMage, which promises community-sourced patches. Installation and testing requires a capable developer.
Summary: prepare yourself
Keeping your Magento 1 store up and secure beyond June, 2020, requires a bit of preparation. We recommend merchants to implement monitoring for visibility into their risk situation. And merchants should learn about the available channels for future Magento 1 patches.
To protect as many Magento 1 stores as possible, we have launched a promotion. Use coupon
M1SECURE to enjoy a 50% discount on a new 3 month eComscan subscription for your Magento 1 store.
Read more: What about Magento 1 and PCI compliance?
In this article
What is Magecart?
Also known as digital skimming, this crime has surged since 2015. Criminals steal card data during online shopping. Who are behind these notorious hacks, how does it work, and how have Magecart attacks evolved over time?About Magecart