Security: Patched 1.7.0.2 versus 1.9.2.2
https://magento.stackexchange.com/questions/95469
-
20-10-2020 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have three sites running 1.7.0.2 all fully patched and updated. Modules all written the 'proper' way (with a couple of small exceptions). The sites are all pretty much clones of each other.
There is a new site coming - I'm wondering whether I should upgrade them all to the latest version of 1.x (1.9.2.2 at time of writing) and build the new site on that too. It will mean a lot of testing, the sites do brisk business.
I also wondering whether it's worth that effort or whether I should just use our existing codebase and launch the new site on patched 1.7.0.2. Then focus the development effort on the migration to v2 (I'm aware that will be a much more serious project of course). The real question then is -
Is a fully patched 1.7.0.2 less secure than 1.9.2.2?
I'm not interested in any new features of 1.9.2.2, just whether running on patched 1.7.0.2 buys me enough time to re-develop these sites on v2.
I'm interested to know any thoughts.
Solution
First of all: Nice question!
I'd say a fully patched 1.7.0.2 is as secure as a new 1.9.2.2. As long as there are still security patches released for 1.7.0.2 you're good to go with it.
So I think it makes sense to continue with 1.7.0.2 and use the time to plan and develop your new shop with Magento 2.
