After July 2021, the 2.3.x release line no longer received quality updates or user guide updates. PHP 7.3 reached end of support in December 2021, and Adobe Commerce 2.3.x reached end of support in September 2022. We strongly recommend upgrading to Adobe Commerce 2.4.x to help maintain PCI compliance.

Security Action Plan

This site contains archived merchant documentation for a version of Adobe Commerce and Magento Open Source that has reached end-of-support. The documentation available here is intended for historical reference only and is not maintained. The Adobe Commerce Merchant Documentation for current releases is published on the Adobe Experience League.

If you suspect that your site is compromised, follow this action plan without delay.

  1. Diagnose

    Run a scan to establish the security status of your Magento store.

  2. Clean

    Hire a qualified consultant or online service to clean your site of all malicious code. Check the /media folder for leftover executable code. Remove all unknown Admin users and reset all Admin passwords.

  3. Protect

    Keep your Magento installation up to date with the most current release. If you are using an older version, apply all security patches as they become available. Review and follow Adobe Commerce Security Best Practices. Subscribe to the Adobe Security Notification Service.

  4. Report

    If you think that you have found a specific vulnerability in Magento, send a description of the problem with technical details to security@magento.com.

  5. Upgrade

    For the additional peace of mind that comes from 24/7 support, plan your upgrade to Adobe Commerce on Cloud infrastructure now.

© 2024 Adobe. All rights reserved.