Magento Commerce Software End of Support FAQ
Magento Commerce Software End of Support FAQ
The following FAQ is intended to help merchants, developers, and partners understand the implications of Magento’s published End of Support date for all versions of Magento Commerce.
Q. Where can I find the software support dates for all versions of Magento Commerce?
Magento publishes its software lifecycle policy, which contain the dates for software support, here:
Q. What does it mean when Magento ends support for a version of Magento Commerce software?
When Magento ends the support for a version of its Magento Commerce software, you can expect the following:
Magento will cease creating any further product changes (including functional, quality, security, and PCI compliance changes);
Community pull requests will no longer be accepted or merged for that version;
Extensions in the Magento Marketplace that are only compatible with unsupported versions of Magento Commerce will be removed;
Documentation for the unsupported versions will be removed from magento.com (e.g. Dev Docs materials);
Support tickets submitted after a Magento Commerce version’s end of support will not be worked on to resolution (more technical support details are below).
Q. What are the implications to merchants for using unsupported Magento Commerce software?
If you continue to use unsupported Magento Commerce software, you will likely see negative impacts, including but not limited to, the following areas:
Providing secure, differentiated shopping experiences
Once a version of Magento Commerce software is no longer supported, it falls out of PCI compliance and it is your responsibility to re-certify compliance. Merchants may be subject to fines or removal of credit card processing ability if you are unable to update vulnerabilities from regular scans and penetration testing.
- General security vulnerabilities tend to increase the longer software is unsupported as hackers continue to use new technologies and techniques for exploitation. This raises the risk of attacks and security breaches over time and increases the possibility of exposing personally-identifiable customer data.
- There exists a tangible brand and business risk if your site is perceived to be insecure, eroding the trust you may have built up over time with your customers.
- In the event of a data breach of personal information, merchants may be required to notify their customers – and face potential fines and penalties.
Operating efficiently and effectively
- Merchants who continue to use unsupported versions of Magento Commerce software will need to spend resources to evaluate and employ third-party vendors to provide security support, fixes, and updates. Furthermore, the merchant or their security provider will need to monitor for ongoing security risks and issues.
- As unsupported versions of Magento Commerce software ages, there is a diminishing pool of developers and partners willing and able to provide support for outdated versions as they orient their operations to newer technologies. Generally, the result is that the quantity and quality of talent for software maintenance decreases, while the cost to maintain the software increases. Note on Magento 1: Development on the Magento 1 platform is a legacy skill and is becoming rarer, and often more expensive, as a larger percentage of the Magento community shifts to Magento 2 development. For partners and developers, it is difficult to sustain legacy platform developers for only security maintenance.
- For unsupported Magento Commerce software, peripheral technologies and dependencies also reach their own end of life cycle (e.g. PHP, MYSQL, REDIS, SOLR). This makes it increasingly difficult, and oftentimes impossible, to manage and maintain a fully secure and compliant site using unsupported versions of Magento Commerce software.
- Extension developers also increasingly focus their effort on the latest technologies and compatible platforms. As a result, it is unclear whether the extensions themselves will be supported in the future if they break or become a security risk.
- Using unsupported versions of Magento Commerce software often leads to spending more money and resources maintaining an old platform instead of applying those resources towards continued business innovation and growth.
• Magento continues to invest in new technologies and capabilities. By continuing to use older, unsupported software versions, you are unable to take advantage of newer technologies and capabilities that can help your business operate more strategically and grow more quickly.
Q. What are some examples of how merchants can benefit from new technology by staying current with their Magento Commerce software?
There are several ways you significantly benefit from staying current on your Magento Commerce software:
- Magento Commerce 2 has many out-of-the-box capabilities that would otherwise need to be customized on Magento 1, or may not be possible (e.g. Page Builder, PWA). As new features are added to Magento Commerce 2, the capability gap between new and old software versions widens.
- Future innovations are happening on Magento Commerce 2 by Magento and our ecosystem. No new innovations or extensions are being developed on Magento 1.
- Magento Commerce 2 is built on a modern codebase to address the rapidly shifting commerce environment of today and into the future. In comparison, the Magento 1 codebase will be 10 years old when it reaches its end of support. Magento 1 was built with a set of commerce capabilities designed to address the commerce environment at that time. While the commerce environment has changed rapidly since Magento 1’s original launch, the Magento 1 code base no longer has the flexibility to be an innovative platform to accommodate tomorrow’s commerce needs.
Q. What should I do to avoid software end of support issues?
Your commerce platform is one of the important business systems for your company and staying up-to-date and current is a critical ongoing investment back into the business. There are always ways to cut corners in business, but with technology and security for your digital storefront, staying on the latest version is important and helps you avoid end of software support complications.
Moving to the latest version of Magento Commerce software takes some time and resources to execute well. As a result, it is a best practice for you to plan as far in advance of the end of support date as possible to ensure you have the time and resources to achieve your strategic goals on- schedule and within budget.
Another important consideration is to reserve developer and partner resources as early as possible. Partner time and resources frequently get booked up well ahead of the end of support date, resulting in significantly fewer alternative resources to assist with migration projects. Again, you should plan early to avoid having to scramble to find developer or partner resources.
Q. Can I use a 3rd party service provider to give software support when Magento-provided support ceases?
Yes, you can look for security firms, developers, or partners who will provide support for unsupported versions of Magento Commerce. It will be the merchant’s responsibility to evaluate these providers, re-certify compliance as necessary, and identify and resolve on-going security threats that may impact their business and customers.
Q. Can Magento recommend a 3rd party service provider for extended support beyond the end of support date?
No, Magento does not recommend or endorse any providers for software support beyond our end of support date.
Q. I have a license for Magento Commerce that extends beyond the stated end of support date for that version. Will Magento continue to provide software support for my unsupported version through the life of my license if I choose not to move to a supported version?
The Magento Commerce license provides you the right to access and use generally available versions of Magento Commerce, including accessing and using unsupported versions. Regardless of whether your software version is supported, you are required to continue to pay your then current license fees in order to continue to access and use Magento Commerce software. This right ends when your Magento Commerce contract ends.
The Magento Commerce license does not provide any obligation to continue to provide software support for versions that have reached and passed their end of support date. Importantly, if you remain on unsupported software, you will additionally need to manage and pay for your own security patches and PCI compliance re-certification, and will likely take on additional risk and liability for security breaches.
Q. Does a software version “shut down” when it reaches and passes its end of support date?
No, Magento Commerce software does not “shut down” once the end of support date is reached or passed. You can continue to use unsupported Magento software as long as your account is in good standing, however you will shoulder additional responsibility for PCI compliance re-certification, face potentially more liability for security breaches linked to the unsupported versions, and will no longer be able to file support tickets. Importantly, you will no longer receive security patches or upgrades that protect your digital storefront from bad actors on the internet.
Q. Can I continue to use Magento Commerce software after my license has expired?
Once your Magento Commerce license expires, you are required to cease using Magento Commerce software and must delete all versions of that software. As long as your account is in good standing, the Magento Commerce license provides you the right to access and use generally available versions of Magento Commerce, including accessing and using unsupported versions.
Q. Will support tickets opened BEFORE the end of support date of a software version continue to be worked on to resolution even after the end of support date has passed?
Yes, support tickets opened prior to a software version’s end of support date will continue to be worked on and resolved even if the end of support date for that software version has passed. However, resolving support tickets may be dependent on whether resolution relies on components outside of Magento’s control that have themselves expired or reached end of support. In these instances, the support ticket cannot be resolved and will be closed accordingly.
Q. If I open a ticket for a software version where software support ends soon, will Magento prioritize those tickets so that they are resolved before the end of support date?
No, Magento does not re-prioritize support tickets based on the end of support date of those software versions. Support tickets are addressed in order of their severity and their date of receipt. Also, artificially increasing the severity of a support ticket does not accelerate ticket resolution, and may in fact delay the time a ticket is addressed.
Q. For support tickets opened BEFORE the end of support date, is there an alert to remind merchants of the upcoming end of support?
No, there are no reminder alerts notifying support ticket users of upcoming end of support dates. It is the responsibility of the ticket opener to know the end of support dates for the Magento version they are on, which can be found on our Magento Software Lifecycle policy.
Q. If a support ticket for a software version is opened AFTER the end of support date for that version, will it still be worked on to resolution?
No, Magento will not work to resolve support tickets that were opened after the end of support date for that software version.