Magento 1 goes End-of-Life (EOL) on June 30th, 2020. You can read more about Magento’s EOL status and reasoning on Magento’s blog. When software or systems are declared EOL, there are often serious implications for the users of the software, including degraded performance, increasing security vulnerabilities, and other complications.
For more information, see Magento 1 End of Life. The best way to deal with an EOL status is to upgrade to newer, better supported versions of the software. However, upgrading within a limited time window may not be possible for all users, which is why Nexcess is launching Safe Harbor for our Magento 1 users.
Safe Harbor is a product to keep Magento 1 stores protected and safe once Magento 1 hits End-of-Life (EOL). Safe Harbor provides additional security in the form of malware scans, external threat monitoring, Bad Bot Protection, IP blacklisting, staging environments for testing, and we'll backport patches. Our Safe Harbor product is an add-on to our shared Magento hosting plans.
Our Safe Harbor product is for every merchant still running a Magento 1 store. Every merchant running Magento 1 will need to invest to keep their technology stack up to date & secure. You can pay your development partner for a custom solution or you can use our Safe Harbor product that will work for any Magento store and the costs are far lower.
We will launch Safe Harbor starting in February of 2020. Our engineers will start rolling out proactive protective security patches before June 2020. Proactive malware scans, advanced threat protection, IP blacklisting, and the ability to test changes in a staging environment will all protect your store as soon as the product is added.
No. We won't automatically apply patches in version 1, to avoid causing issues unexpected errors on your Store. You can either download patches through the portal and install them yourself or you can request that support apply a patch to your site.
Yes, when there’s an update to server software we will issue a maintenance window and update the software. In the case of a significant Magento 1 security vulnerability we may auto patch stores and send notification of the update.
Safe Harbor will be available through the end of 2021.
You can also choose to migrate to Magento 2 or to WooCommerce. We have partners standing by to help with migrations in either case. Our sales team can help get that process started, contact them at 866-639-2377 or email@example.com.
Our Safe Harbor add-on will cost roughly 35% of a merchant's hosting plan. Migrations from Magento 1 to 2 can cost anywhere from $50,000 - $150,000. In that context, our Safe Harbor add-on is the most inexpensive way to make sure M1 stores are safe and will work long past June 2020. For more detailed pricing information, see our Safe Harbor product page or contact our Sales team at 866-639-2377 or firstname.lastname@example.org for additional help.
Yes, malware scans and reports are included in Safe Harbor. A date, the name of the malware, and the file that it was found in will be shown in the portal. The customers will also be able to request that malware be investigated by support by checking a box in the portal.
Yes. You can still be PCI compliant even though the app is no longer supported by the original creator as long as it meets all PCI requirements. This is the same way that writing your custom eCommerce software can be compliant. In these cases, you will need to go through your own PCI compliance process.
SafeHarbor is not currently available for clustered environments in the same way that it is for non-clustered environments. All features are available, but not automated through the portal yet. Please contact our Sales team to discuss security features in your clustered environment.
Safe Harbor is designed as secure way for customers to continue to use Magento 1 while they prepare to migrate to a newer solution. OpenMage is a divergent fork of Magento that may not be backwards compatible to Magento 1. While we plan to support OpenMage, we recommend Safe Harbor due to these possible compatibility issues.
Most of these features are already available on cloud plans, and we plan to port some of the new features after Safe Harbor’s launch.
Every store will have to go through Magento when it comes to Enterprise edition licensing. Nexcess has nothing to do with this and while we can support both Community and Enterprise edition, the continuity of the enterprise license agreement will ultimately depend on Magento.
No. Our preference is to have all sites at 1.9 but we know that this will not work for all customers. We are ready to help any customer to upgrade their sites as much as possible to avoid the problems associated with EOL software.
We recommend using modules that explicitly state that they will be maintained after June 2020. We will do our best to keep a list of vetted modules but given the quantity of vendors out there, it might be hard to support them all when it comes to security.
No. We can help discover code incompatibilities but Safe Harbor does not include code fixes to make it work with newer PHP versions. We have partnered with some agencies that can assist customers in making code fixes so that their sites work with newer PHP versions. The ability to create staging sites to try out PHP or other upgrades before implementing them in your production environment may help mitigate these issues. For more information about our partner agencies, contact our Sales team
Our award-winning customer care team is here for you.Contact Support