Magento End of Life: Stats, Dates, Solutions & Resources

If you own or work on a Magento website, you’ve undoubtedly come across messages from one source or another alerting you to upgrade your website ahead of Magento end of life dates. However, according to the numbers, many Magento merchants are not keeping up with crucial upgrades.

Magento End of Life Stats and Dates

Magento users enjoy what is, by far, one of the most innovative and robust ecommerce content management systems. Since Magento 2 launched in 2015, many storefronts have made the transition to Magento 2 or other ecommerce platforms. However, many still remain on Magento 1.x. Additionally, businesses that have made the move to Magento 2 may still need an update if they are on an early, unsupported iteration of Magento 2, which includes 2.0, 2.1, and is soon to include 2.2.

According to BuiltWith, as of December 2019, there are 190,000+ live Magento websites, but only 7,000+ are on Magento 2.3.x, the latest version of Magento, which was released in 2018.

As it stands, Magento users are facing end of life dates for Magento 1.x, as well as for early versions of Magento 2. Here’s a quick breakdown:

  • Magento 1.x: Will reach end of life in June of 2020
  • 2.0: Reached end of life in March of 2018
  • 2.1: Reached end of life in June of 2019
  • 2.2: Reached its end of life on Dec 31st, 2019

Back to the stats: BuiltWith reports that 9,000+ sites are on Magento 2.2, which sunset last month. Almost 5,000 are on Magento 2.1, and 400+ on Magento 2.0, all of which are no longer supported. Even if these stats are imperfect, there’s a clear trend. There are far more M1.x sites still live than Magento 2.x sites. Just looking at the stats for Magento 1.9, the latest version of the Magento 1.x family, BuiltWith is reporting 42,000+ sites.

“…Then you better start swimmin’ Or you’ll sink like a stone For the times they are a-changin’” – Bob Dylan

Your Responsibility

As a Magento user, it’s up to you to patch and upgrade your website and keep up with security requirements, even if you aren’t rushing to adopt every new feature and functionality that Magento releases. In that sense, Magento is like other open-source platforms. You get a lot of room to innovate, customize, and be the master of your destiny, but there’s some maintenance involved.

Why Upgrade?

What happens when you’re on a version of Magento that’s gone end of life? Magento stops providing you with security patches and software updates to install. This invariably means that, as hackers find new ways to exploit websites, you can’t count on Magento to provide you with solutions.

How many security updates could be needed? The most recent patch for Magento 2, for instance, had 75 security fixes, while the most recent patch for Magento 1 addressed a dozen security vulnerabilities. Tracking and solving security threats is not something that individual website owners should be taking on. Keep in mind that all eCommerce websites are targets, not just large enterprise websites.

In addition to your Magento software, you also need to maintain your Magento extensions and integrations. Those too may reach their end of life. In essence, extension developers won’t necessarily be providing security updates for their old patches. In some cases, SaaS providers and other vendors may even discontinue their services for Magento 1 websites.

Example

For example, Adyen, a major payment processor, has already announced that they will not be supporting merchants on Magento 1 after its end of life. They published the following message for their customers:

“To keep your business secure and compliant and continue processing payments with Adyen, you need to migrate to Magento 2 or another platform… Furthermore, using Magento 1 after June 1, 2020 makes you unable to comply with the Payment Card Industry Data Security Standards (PCI DSS), which can result in non-compliance fines.”

In essence, if you weigh the risks that a major security incident could have on your customers, your brand, your employees, and your overall business, it’s very likely that you’ll choose to leverage an up-to-date version of Magento. In doing so, you’ll also get access to new features that can help your business differentiate against competitors.

Solutions

If you’re on a deprecated version of Magento or your version is soon to be sunset, the best thing to do is to plan to upgrade. Be sure to upgrade to a compatible Magento hosting environment when you do.

If you do find yourself on an unsupported version of Magento, be sure to take advantage of services and best practices that will help you minimize your risk as much as possible. While this won’t take away your risks, it may, at least to some limited extent, lessen them. For instance, you can:

  • Deploy a Web Application Firewall (WAF), such as from Cloudflare.
  • Leverage additional website monitoring and scanning, such as from Sucuri and Sanguine Security.
  • Utilize 2-factor authentication to help protect your Magento admin while following other security best practices.
  • Take advantage of Magento Security Auditing services.

Or, you can get a Magento web host that assists with these services in tandem with your Magento web developers.

Other Magento 1 Buzz in the Community

There are small groups in the Magento Community that have been championing solutions like OpenMage and Mage-One. Both are suggesting that they’ll provide support (i.e., patches) for Magento 1 sites after the official end of life. Whether or not any of these projects will be successful remains to be seen.

Many merchants have spent a lot of time and treasure honing their Magento 1 websites and would like to get as much return on their investment as possible before upgrading to Magento 2. This builds a certain allure for solutions that suggest they can help you avoid replatforming to Magento 2. However, I’d kindly direct your attention back up to the “Why Upgrade?” section of this article.

Even if you build a completely custom frontend to your Magento 1 website to avoid security vulnerabilities that will inevitably be found in Magento’s native frontend, such as by using a modern PWA solution, you’ll have to contend with extensions and integrations sunsetting.

Remember that Magento 1 first launched in 2008. As far as website software goes, it’s had a very long life. Continuing to operate this software (safely) once it’s deprecated would be challenging at best, and highly damaging to your business at worst. It’s something that shouldn’t be done without prudent research and risk analysis with your Magento developers, web hosts, and other solution providers that integrate with your site.