We’re committed to supporting Magento after its end-of-life (EOL). Nexcess Safe Harbor makes sure your Magento store stays secure by providing patches for Magento core and allows you to worry about the operations of your store instead of security.
Nexcess Safe Harbor makes sure your Magento store stays secure by providing patches for Magento core.
Should any vulnerabilities be found we’ll provide patches and email all store owners so you can apply the patch and keep your stores safe.
Yes. You can still be PCI compliant even though the app is no longer supported by the original creator as long as it meets all PCI requirements.
This is the same way that writing your custom eCommerce software can be compliant. In all cases, you will need to go through your own PCI compliance process.
Yes. Nexcess infrastructure is PCI compliant.
Nexcess is PCI certified as a Level 1 Solution Provider, so any merchants using Nexcess Magento Cloud can use Nexcess’ PCI Attestation of Compliance to aid their own PCI certification process.
Yes. As per 6.2 of the PCI DSS Guidelines:
Protect all system components and software from known vulnerabilities by installing applicable vendor-supplied security patches. Install critical security patches within one month of release.
You have to keep all of your systems up to date. We’re responsible for sourcing & providing patches. If a vulnerability is found we’ll send an email with the patch details and remind you to patch your store in Safe Harbor using the included staging site.
Nexcess Safe Harbor makes sure your Magento store stays secure by providing patches for Magento core.
We’ll also provide patches for the most popular Magento extensions. So your payment gateway has no reason to stop accepting payments.
Given their commitment to keeping their Magento 1 module up to date, we strongly recommend checking out Stripe, if you haven't already.
We recommend using modules that explicitly state that they will be maintained after June 2020.
We will do our best to keep a list of vetted modules but given the quantity of vendors out there, it might be hard to support them all when it comes to security.
Per the PCI guidelines (6.2), anyone can provide this ongoing support for maintenance as long as the store owner can prove the store is being actively maintained in a timely manner. It doesn’t have to be the original vendor.
Our award-winning customer care team is here for you.
Contact Support