Magento Commerce 1 End-of-Life FAQs
When is Magento 1 End-of-Life (EOL)?
As previously announced in the Magento Software Lifecycle Policy and Magento Open Source Software Maintenance Policy, the End-of-Life (EOL) date for all currently supported or maintained versions of Magento Commerce 1 (Magento Community Edition and Magento Enterprise Edition). Magento will cease distributing or providing any support or updates for these versions of the Magento Commerce Platform including Community Edition v1.5-1.9 and Enterprise Edition v1.13-1.14.

Are additional steps required to maintain compliance with Payment Card Industry Data Security Standards (PCI/DSS) after EOL?
Under PCI/DSS Requirements 6.1 and 6.2, organizations are required to identify security vulnerabilities and to ensure that all system components and software are protected from known vulnerabilities by installing applicable vendor-supplied security patches. Such security patches will no longer be released by Magento. All merchants should evaluate these requirements and consult with their legal, engineering and security teams as well as reach out to their Payment Provider to assess compliance requirements.

What are some available options that can be implemented post Magento Commerce 1 EOL to help ensure compliance with PCI-DSS?
For merchants still using Magento 1 after EOL, we recommend the following options:
  1. Migrate to Magento Commerce
  2. Migrate to Magento Open Source
  3. Contract with a third-party vendor that provides security patches for Magento 1
Questions? Contact us and reference the Magneto 1 Commerce End of Support FAQ or the Magento 1 Open Source End of Support FAQ