Blog

Secure your Magento 1.X Versions running on PHP 5.6 with PHP 7.2!!

There is a drastic change in the growth of websites every single day. Most of them come under the criteria of CMS ( WordPress, Joomla, Magento, Drupal, etc). Online Shopping is yet another trend which makes people comfortable with purchasing altogether.

So, E-Commerce sites have great importance in this present world. Moreover, most of the E-Commerce sites are built with Magento 1.0 to Magento 1.9. But the problem is there comes an security issue which needs to be taken a high concern.

One more shocking news is that PHP has officially announced that it is stopping security updates for PHP 5.6 and 7.0 in December 2018.

In this article, we have stated how you need to secure your E-Commerce Website built with Magento and running on PHP frameworks.

So, when are the security updates ending for the versions 5.6 and 7.0?

• For PHP 7.0 security updates have got stopped by 3rd December 2018.
• For PHP 5.6 security updates have got stopped by 31st December 2018.

Why the security updates got ended?

Every single version of PHP is supported only for two years. In these couple of years, all the bugs and security issues gets fixed. Once the two year period gets over, each domain of PHP is supported for another year only for critical security issues.

Once the support period gets over, the branch comes to End of Life which means it cannot be supported any more.

Since PHP 5.6 is the final phase for PHP 5 release, the support for this version has been increased for four months which has got over by December 31st, 2018.

What happens if you miss updating PHP 5.6 or 7.0 of your Magento website?

In simple words, it would make your website more vulnerable to the attackers. If in case, your website gets hacked, these things will happen subsequently:

• Admin credentials will be imperilled.
• Customer data such as credit card details will be stolen.
• A significant drop in search engine ranks which will ultimately lead to losing your customers.
• The database will get manipulated.
• Your website will be slower compared to your competitors.

I’m not aware of my website’s current PHP version! How can I find?

• This can be done by just logging in to your Control Panel. If you have SSH access, you can type the following command:

php -v

• Added, you can make use of online tools since there are a plethora of tools available already!

• Yet another way is to call your hosting provider and ask them about the PHP version used in your site.

So, How should I secure my Magento 1.X Site?

There are a couple of ways to secure your site. The primary method is to upgrade your Magento 1.x site to the latest Magento 2 version. The next method is to upgrade to PHP 7.2 and apply the patch for Magento 1.x.

• Upgrade your Magento 1.x site to the newest Magento 2 version

• The recent version Magento 2.2.6 runs on PHP 7.1.x. Therefore switching to the latest version of Magento would definitely help you and protect your site.

• Added, it will also increase your website’s performance.

• Upgrade to PHP 7.2 and implement the patch for Magento 1.x.

• This second method can be done when you start upgrading to the next version provided by the Magento.

If you aren’t aware of the upgrading, we are here to assist you! Check out the following section!

How should I upgrade PHP from 5.6/7.0 to 7.2 and secure Magento 1.x?

Before starting the development of the site, you need to have a version control system like GIT which manages the record of changes you make with the code. Version control can also be used for favourably backing up your code.

• Step 1: Back up your site

To perform the back up for your Magento site, you need to follow the mentioned steps:

• Log in to your Magento Admin Panel.
• Click on the System menu and under the Tools category click on Backups.
• Now select Database Backup and enter the name of backup. It is highly recommended to use enter date in the backup name for future reference.
• Mark the box next to the “Put store on the maintenance while backup creation” and click on the Ok button.
• At last, the back up will get downloaded to your computer.

• Step 2: Code and Media Backup

• To backup code and media files, you can follow this guide.

• Step 3: Check for Compatability extensions

• This is going to be a critical thing which you need to give importance to. You need to upgrade to the next version if you need them to support.

• If there is no such update from your extension vendor, you may ask your developers to customize the continuation to support PHP 7.2.

• Step 4: Update your current PHP version

• To secure your website, it is mandatory that you need to update your PHP version.
• To update, go to your web hosting control panel and upgrade the PHP version.
• If you aren’t aware of that, you can look at this.

• Step 5: Apply the Patch

• Magento has released the latest version PHP 7.2 patch specifically for Magento1.9 customers.
• This patch will make your website compatible with PHP 7.2 and make it secured from attacks.
• You can download patch links here
• If you need assistance with applying the patch you can refer to this article.

Never forget to ensure that the security of the website is a part of the SEO process:

Generally, security issues aren’t given importance in SEO processes. Connect your website to Google Search Engine Console and get notified about Security risks and issues to enhance your SEO performance of the site.

To Close

Security has become a major concern which needs to be noted. If you don’t give importance to your website, it may result in vulnerability leading to losing your business as well as customers.

Hope this tutorial would have helped!

If you have any queries, jot down your comments in the comments section below!!

• Happy Reading 🙂