Magento eCommerce Software

by Ronald

In the beginning of the internet age, businesses had different uses for the internet, and now, as we fast forward to 2013, the internet age has changed once again! Today, the internet is a big part of our daily lives, and even more so with online shopping. I can safely assume everyone reading this has bought at least one item off the web. As technology continues to grow and make our lives simpler, there’s a company called Magento that’s making the lives of businesses and organizations simpler with their websites. What is Magento, you might ask? Magento is an open source eCommerce software platform that allows developers to create and develop websites with ease, letting them give their company the personality it deserves. Since Magento is a small company, eBay’s acquisition of it in 2011 gave the company more resources to expand and continue to develop its software, as well as improve eBay’s current sellers. Roy Rubin, co-founder of Magento, said in a Q&A session with Power Retail in Australia, “In 2010, PayPal became an investor in the company, and in August 2011 eBay acquired the business.” (Philips, 2012) This gives Magento a larger reach, and it can now better develop its software. Although this software makes companies feel more at ease with the development of their sites, it is an OPEN SOURCE program, which poses security threats that we will discuss in a little bit.


People are always looking for an easier way to create websites. That’s the same reason we have companies like WiX that allow you to create a website for yourself. Even though WiX offers much ease, mid-range and large companies need a program that will match their needs with little to no restrictions. Magento’s platform is designed to be modular and flexible, so that e-commerce developers can have more control over how they build their online stores than if they use software whose source code can’t be modified. (Perez, 2011) The reason this company has been so successful thus far is that it’s open source software. It allows developers to create and modify their websites using anything ranging from HTML5, CSS, SQL, and PHP to much, much more. Magento is the world’s most evolved e-commerce solution. It runs on the Apache/MySQL/PHP platform. From one installation, you can control multiple storefronts, all sharing customer and product information. (Rice, 2010) Magento also launched an app store for its extensions. Developers could create applications on top of Magento, and retailers could use this functionality in their online storefronts via the app store. (Rao, 2012) This alone gives companies more freedom to develop a certain application that can be used for their website. The companies that create an application can post it on the app store, giving other companies the freedom to use it without needing to recreate an application that already exists.


Since this is open source software, there are a lot of security risks that also play a factor. We created 50 mutants based on the top 10 web application security risks highlighted by the Open Web Application Security Project (OWASP) [6]. They include injection flaws (e.g., SQL and LDAP injections), Cross-Site Scripting (XSS), broken authentication and session management, insecure direct object references, cross-site request forgery (CSRF), security mis-configuration, insecure cryptographic storage, failure to restrict URL access, insufficient transport layer protection, un-validated redirects and forwards. (IEEE, 2011) In total, there were 63 mutants that cause a security issue that people should be worried about. Although the mutants in the previous section are related to Magento’s functionalities, they reflect the general types of vulnerabilities in web applications. (IEEE, 2011) Since these are ‘general types of vulnerabilities’ found in web applications, should we be worried? The answer is no, because all companies are constantly updating and upgrading their systems as well as implementing more security measures to defend against attackers. With that said, companies have options in which platform they want to use.

(Taken from Magento’s website)

Magento has three different tiers companies can choose from. The Community Edition is a free version for tech-savvy business people and developers to create a website to match their needs; however, this is the most limited edition. Magento.go is more suited to small businesses and receives better support and benefits than the Community Edition, at a cost of $15 per month. The Enterprise Edition encompasses everything minus the hosting site/server and costs a whopping $15,550 per year. The Enterprise Edition comes with the highest standards the company has to offer. While the other two tiers are still really great to use, the Enterprise Edition is best suited to large corporations. Although this company is still small, its clientele definitely says something about this product. Nike, Vizio, TOMS, and Fiji Water are some of the companies that use Magento for their websites. As you can already tell, this is not for your basic-needs website. This is a powerful tool that is going to continue to grow in the years to come.


(Taken from Nike-AU Facebook page)

(Taken from Nike’s-AU Facebook Page)

Why do so many companies use this software? It allows companies to easily create what they want, how they want it, in a short period of time, and they have the numbers to prove it. Magento’s About Us page states, “The Magento platform is trusted by more than 150,000 businesses, including some of the world’s leading brands.” Magento recently updated their software to make it even more powerful than before. The company has updated the software to improve four functions to ease any stumbling blocks retailers have as they continue to expand their businesses, especially as they begin to feature more than 1 million product SKUs. (Chen, 2013) For businesses, it’s about having a faster return time in getting the site up and running, as well as its functionality. While having a faster return rate is good, being able to have a functioning website that can update quickly and report gains in revenues is even better. But why would companies choose this software over others? Well, it’s because there are no restrictions in an open source program. Developers can modify and create new options for the needs of the company. Not only that, on Magento’s website there are tutorials, forums, and technical support waiting to assist you with any questions you may have. Having a large community of developers can and will resolve issues you have. There’s always a solution to a problem.


Magento updated their systems earlier this month. The update includes:

Optimized indexing to deliver faster, full catalog reindexing for 1 million products. According to, Magento customers previously have had to completely reindex their site when adding products, changing prices, or updating images.

Improved caching performance to support greater traffic, or customers.

Streamlined checkout flow to improve page load times. Customers can now browse retailers’ websites 20%-35% faster and immediately access newly added products.

Improved tax recommendation engine to provide greater accuracy when calculating tax rates. The new version supports global merchants with more than 3,000 tax rate zones.


Companies will continue to use Magento as it continues to grow. As Magento remains an open source software platform, developers will continue to develop code. Technology is constantly changing and growing, and since Magento is such versatile software it will continue to prosper and help companies around the world. There will always be security issues, as with everything else in life, but as long as security measures are in place to help defend against attackers, we will be safe. The different choices companies can choose from allow small and big companies to use this software and continue to develop and improve Magento’s current state. I truly believe more and more companies, even Fortune 500 companies, will adopt this type of software to improve their own websites.


Chen, K. (2013, April 12). eBay Upgrades Magento E-Commerce Platform. Fool. Retrieved from

Magento. (n.d.). Retrieved from

Perez, J. (2011, June 6). EBay Buys Magento to Boost Its E-commerce Developer Tools. PCWorld. Retrieved from

Philips, C. (2012, February 21). Q&A: Roy Rubin, General Manager of Magento E-Commerce Platform. Power Retail. Retrieved from

Rao, L. (2012, April 12). Founder: eBay Doesn’t Understand The Meaning Of Open. TechCrunch. Retrieved from

Rice, W. (n.d.). Magento. Retrieved from

Thomas, L., Xu, W., & Xu, D. (2011). Mutation Analysis of Magento for Evaluating Threat Model-Based Security Testing. Retrieved from

4 thoughts on “Magento eCommerce Software”

  • April 28, 2013 at 12:44 am

    Excellent paper and presentation Ron! I was wondering, you mention that Magento is modular and flexible, but that doesn’t mean it’s easy to develop. I did my own research and found that there’s a steep learning curve in it for beginners. The biggest issue seems to be in its navigation and coding style. Basically, if you don’t have the patience to learn, or the money to hire a certified Magento developer, lots of valuable time may be wasted. Smaller companies may actually opt for another website building service other than Magento. Sure there are forums, and maybe tech support if a company chooses Magento.go, but that can only go so far as time is of the essence. Do you believe that smaller companies should go for Magento anyway? It seems like Magento really only benefits the big enterprises.

  • April 28, 2013 at 5:47 pm

    Ronald, I think you did a wonderful job with both your blog and class presentation. Like David, I too have done some additional research and noted that one of the biggest cons is that the learning curve is pretty steep for beginners. Other than that, I am impressed with the platform and understand why larger companies are steering towards the Magento Route with its many and expanding features. I really liked the fact that the platform is open source allowing developers to catch, fix, and communicate possible bugs, creating an even more stable platform. Thanks for the read!

  • April 29, 2013 at 4:45 pm

    I have used Magento, community edition, and in the setup I used, it only seemed to play nicely with Ubuntu. Do you know whether this is standard, or whether Magento is actually cross-platform? Theoretically it should be since I believe it is written entirely in the cross-platform PHP, but I am curious.
    I also noticed that it was pretty slow on my setup, which was a VMware server consisting in 5ish blades of dual, quadcore processors, with about 20 other virtual systems also simultaneously running on it (although they were not doing much). Is my situation special and Magento is actually fairly quick, or is it actually quite slow?
    I also noticed during my experience with it that it was a little dizzying in terms of its learning curve. Admittedly, this may be because I am not a business oriented person, but my last question is this: is it a simple thing to set up a basic ecommerce website with Magento, or does it always require extensive study into business jargon, as well as the particular quirks of how Magento is organized?

  • June 10, 2013 at 12:42 am

    Opensource meets app store …. is what this sounds like to me. I think this concept is great. For smaller companies this is going to help the single developer out tremendously. Great blog.
