One Year on From Magento 1 EOL

A year has passed since Magento 1 went end-of-life after a long-anticipated period and several date changes from the platform.

This time last year, there were a lot of stores still running on Magento 1. This left merchants with a growing uncertainty as to how their store would be impacted when Magento 1 was no longer supported. While it was expected that there would be a few immediate impacts, we were hedging our bets that as time passed, the risk would only become greater for those still operating on Magento 1.

As we approach the anniversary, we thought it was time to see what’s changed…

What were the risks of sticking with Magento 1?

Before we dive into the here and now, let’s recap on the risks merchants were taking by choosing to stick with Magento 1 despite the uncertainty.

  • Site vulnerabilities: Without official support of M1, it’s inevitable that there will be people out there working to capitalise on platform vulnerabilities. Breaches to the platform remain likely and will result in downtime or, in the worst-case scenario, a huge fine for businesses.
  • Lack of compliance: When Magento 1 hit EOL, we predicted that one of the hardest things for businesses to adapt to would be compliance. Magento and many third-party suppliers who were previously certified on the platform started distancing themselves from Magento 1. As such, it became the responsibility of the merchant to ensure they remain compliant. If something does go amiss, it is also their responsibility to take appropriate measures to protect their customers.
  • More and more bugs: With official support no longer being offered, the number of bugs in the platform is set to rise. The outcome? Astronomical costs and frequent downtime that made it harder and harder to continue using Magento 1.
  • A mismatch of security patches and updates: Security was probably the biggest unknown for companies choosing to stick with Magento 1. Without Adobe’s supervision or support, there was likely to be a fractured and delayed response to fixing the core codebase. As these fixes pile up and the codebase becomes more convoluted, we’ll soon begin to see patches that are only compatible with other versions of previous patches.
  • Resource at a premium: As Magento 1 approached EOL, we predicted a change in the availability of trained developers as many choose to swap their focus to Magento 2. Those developers that remain focused on M1 will have seen a sharp rise in demand and subsequently increased their costs.

How has the Magento 1 landscape changed?

So, now we’re all caught up, what has changed in the Magento 1 landscape? Our friends at Sansec have been keeping a close eye on the situation.

Sansec continuously monitor the global eCommerce space, updating their data daily and sharing with third parties. They offer great insight on Magento 1, spanning the last six months:

Global Magento 1 installs fall by 17%

There has been a significant reduction of approximately 17 percent in the number of Magento 1 installs globally in the last six months.

But Magento 2 installs jump by just 6%

While the percentage of Magento 1 installs has dropped, the growth of Magento 2 stores has not been particularly high. It’s important to remember this could be for a number of reasons such as a business ceasing trading, taking the opportunity to reconsider their platform choice or even choosing to sell through other marketplaces instead.

Typically, it’s smaller merchants who remain on Magento 1

As illustrated in these graphs, more than 50 percent of Community version users are still on Magento 1 – the majority of which are using Magento 1.9. When compared to Enterprise installs, it paints a very different picture with approximately 70 percent of all Enterprise users having embraced Magento 2. This could likely be interpreted that the cost to replatform is too high for smaller eCommerce businesses and, as such, they have chosen to remain on M1.

Less than 5% of Magento stores run the minimum recommended PHP version

New versions of PHP are created with increased site performance in mind. The current minimum recommended version of PHP is 7.4 yet nearly all Magento stores run on outdated versions that will be hindering store performance.

Keeping those Magento 1 installs secure

Not every merchant wants to make the move away from Magento 1. When this is the case, there are specialists committed to keeping support for the platform going. One of these credible partners is Mage One.

Last year, our friends at Mage One joined us at our Magento Leeds panel for a discussion on Magento 1 end-of-life. They shared valuable insight as to how merchants could protect themselves when choosing to stay on M1.

In the last year, Mage One have already released 37 patches. This figure demonstrates the very real need to ensure you keep on top of your Magento 1 implementation should you choose to stick with it.

More about our partners

Sansec – eCommerce malware and vulnerability detection

Digital skimming attacks are more prominent than ever in the eCommerce world. These attacks are often invisible to shoppers and merchants. But cyber criminals make millions by stealing personal data and payment information.  

It takes a highly trained and skilled eye to identify these attacks – this is where Sansec come in.

Sansec’s mission is to help merchants stay ahead of hackers. The global leader in eCommerce malware and vulnerability detection, the team behind Sansec were the first to document the emerging fraud of online skimming back in 2015 and have since identified more than 50,000 cases!

If your Magento store is under attack, Sansec can:

  • Resolve current hacks and prevent future incidents with eComscan
  • Detect malware and vulnerabilities
  • Alert you to malicious activity
  • Provide actionable security advice

Mage One – professional support for Magento 1

Mage One offer permanent support for merchants who want to stick with Magento 1. Providing technical and security updates, Mage One make it possible for merchants to continue using the latest technology.

To stay on top of security vulnerabilities, the Mage One team perform security checks of the existing Magento 1 source code and offer prize money to security experts and developers who also identify vulnerabilities and help them make the fix.

Where are you in your Magento journey?

There you have it, a yearly recap and update since Magento 1 end-of-life. Many other updates have occurred in this time including Magento’s name change to Adobe Commerce. Stay up to speed on the latest happenings by reading our blog: The Latest News and Updates from Adobe Commerce.

If you’re still on Magento 1 and considering making the move to Magento 2, get in touch with our eCommerce specialists who will be more than happy to chat through your next steps. We’ve delivered seamless replatforming projects for a number of brands including Nouveau Lashes, Sue Ryder, Osprey Europe and Beer Hawk.