E-commerce CMS Platform for Your Online Business
With digital buyer penetration predicted to edge near about 50% of overall Internet users in 2018, the e-commerce industry is ready to evolve and expand.
Last year more than 1 Billion Internet users made an online purchase and the numbers are continuously growing. This is probably the best time to jump in the line and start your online business if you have some amazing products to sell online.
However, an online business requires an eCommerce platform to start with and choosing the best e-Commerce CMS can be a lot of work. Apart from being visually appealing, your eCommerce website needs to be functional and cheap.
What is Magento?
Magento is an ecommerce platform built on open source technology which provides online merchants with a flexible shopping cart system, as well as control over the look, content and functionality of their online store. Magento offers powerful marketing, search engine optimization, and catalog-management tools.
Magento Community Edition is open source eCommerce software used to power hundreds of thousands of online stores. It can be downloaded for free and is most frequently used by developers and small businesses.
Magento is suitable for small e-commerce companies serving just one town or a state as well as MNCs. It grows with your business; regardless of the kind of e-commerce features or enhancements you need, Magento will never fail to surprise you (pleasantly, of course!).
No wonder why so many Fortune 500 companies (most having very complex e-commerce operations) are using Magento.
It is also possible to add customized back-end workflows to meet specific business requirements. With Magento, a modular ecommerce solution at the core, you’re in control of how you want your ecommerce website to look and perform.
With one backend CMS, Magento allows you to create multiple online stores.
You can control all of your inventory, billing tasks, customer records etc. from a single admin dashboard.
What’s New in Magento 2.4.3?
Magento Open Source 2.4.3 introduces enhancements to performance and security plus significant platform improvements. Security enhancements include expansion of reCAPTCHA coverage and inclusion of built-in rate limiting. Core composer dependencies and third-party libraries have been upgraded to the latest versions that are compatible with PHP 8.x. Page Builder is now available as a bundled extension in Magento Open Source. It is now the default content editing tool for Adobe Commerce and Magento Open Source.
This release includes over 370 new fixes to core code and 33 security enhancements. It includes the resolution of almost 290 GitHub issues by our community members. These community contributions range from minor clean-up of core code to significant enhancements in GraphQL.
This release includes over 370 new fixes to core code and 33 security enhancements. All known issues identified in the Magento Open Source 2.4.2 release notes have been fixed in this release.
Other release information
Although code for these features is bundled with quarterly releases of the Magento core code, several of these projects (for example, Progressive Web Applications (PWA) Studio) are also released independently. Bug fixes for these projects are documented in the separate, project-specific release information that is available in the documentation for each project.
Apply MC-43048__set_rate_limits__2.4.3.patch to address issue with API rate limiting
This hotfix provides a solution for the issue where Web APIs cannot process requests that contain more than 20 items in array. This issue affects deployments running Magento Open Source 2.4.3, Adobe Commerce 2.4.3, or Magento 2.3.7-p1. Built-in rate limiting was added to these releases to prevent denial-of-service (DoS) attacks, and the default maximum was set to 20. This patch reverts the default limit to a higher value. If you suspect that your store is experiencing a DoS attack, Adobe recommends lowering the default input limits to a lower value to restrict the number of resources that can be requested.
Look for the following highlights in this release.
Substantial security enhancements
This release includes 33 security fixes and platform security improvements. Many of these security fixes have been backported to Magento 2.4.2-p2 and Magento 2.3.7-p1.
Thirty-three security enhancements that help close remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities
No confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions. Most of these issues require that an attacker first obtains access to the Admin. As a result, we remind you to take all necessary steps to protect your Admin, including but not limited to these efforts: IP allowlisting, two-factor authentication, use of a VPN, the use of a unique location rather than
/admin, and good password hygiene.
Additional security enhancements
Security improvements for this release improve compliance with the latest security best practices, including:
- A new Composer plugin helps prevent dependency confusion and identifies malicious packages with the same names as internal packages on the public package repository.
- Rate limiting is now built in to Magento APIs to prevent denial-of-service (DoS) attacks. Web APIs now impose restrictions on the size or number of resources (the default maximum is set to 20 and can be configured to a different value based on business need) that can be requested by a client.
- ReCAPTCHA coverage has been extended to include:
- Web APIs that have corresponding HTML pages are covered through ReCAPTCHA. (This excludes web APIs that are accessed by integrations.) ReCAPTCHA coverage protects endpoints from spam attacks. When web APIs are accessed by a third-party integration service that uses OAuth, ReCAPTCHA is disabled.
- The Place Order storefront page and payment-related web APIs. ReCAPTCHA protection for these pages is disabled by default and can be enabled from the Admin. This coverage adds an anti-brute force mechanism to protect stores from carding attacks.
Starting with the release of Magento Commerce 2.3.2, Magento will assign and publish indexed Common Vulnerabilities and Exposures (CVE) numbers with each security bug reported to us by external parties. This allows users of Magento Commerce to more easily identify unaddressed vulnerabilities in their deployment.
This release contains enhancements that improve the quality of the framework and the following functional areas:
- Customer Account
- Promotions and Targeting
- Cart and Checkout
- Staging and Preview
PayPal Pay Later is now supported in deployments that include PayPal. This feature allows shoppers to pay for an order in bi-weekly installments instead of paying the full amount at time of purchase.
use_application_lock indexing mode. The
use_application_lock mode lets you enable re-indexing through either the use of environment variables or by configuring the
app/etc/env.php file. You no longer need to manually reset the indexer after failure with this mode enabled.
Magento 2.4.3 is not yet compatible with PHP 8.x, but the following platform upgrades bring us closer to future compatibility with PHP 8.x.
- Core Composer dependencies and third-party libraries have been upgraded to the latest versions that are compatible with PHP 8.x.
- The KnockoutJS library has been upgraded to v3.5.1 (the latest version).
- The deprecated TinyMCE v3 library has been removed. The
Magento_Tinymce3Bannermodule and MFTF tests related to TinyMCE v3.x have been removed from Adobe Commerce.
- Magento 2.4.3 has been tested and confirmed to be compatible with Redis 6.0.12. (Magento 2.4.x remains compatible with Redis 5.x.)
- Laminas library dependencies have been upgraded to PHP 8.x-compatible versions. Some redundant dependencies have been removed from the
composer.jsonfile. Adobe Commerce 2.4.3 uses Laminas 3.4.0.
This release includes enhancements that decrease indexation time for Product Price and Catalog Rule indexers. Merchants can now exclude a website from a customer group or shared catalog, which reduces the number of records for indexing and improves indexing times.
Adobe Stock Integration
This release includes Adobe Stock Integration v2.1.1.
This release adds GraphQL coverage for shared routes. The route query and RoutableInterface support routing requests on product, category, and CMS pages. The
urlResolver query has been deprecated, and its functionality has been superseded by the
Page Builder is now available as a bundled extension in Magento Open Source. It is now the default content editing tool for Adobe Commerce 2.4.3 and Magento Open Source 2.4.3. It can replace the WYSIWG editor with any third-party module.
Page Builder replaces the TinyMCE editor in the following Admin areas:
- CMS Page
- CMS Block
- Category Description
- Product Description
All the content created in TinyMCE has been migrated into Page Builder as HTML.
For information about enhancements and bug fixes, see PWA Studio releases.
Upgrade Compatibility Tool
The scope of the Upgrade Compatibility Tool has been expanded based on feedback from the community. Join our #upgrade-compatibility-tool Slack channel to get support from the Adobe product team and the community, as well as to help guide the future direction of the tool.
Vendor Developed Extensions
See the following articles for updates on features and changes for this release:
- Amazon Pay
- dotdigital Engagement Cloud
- Vertex Cloud
- Yotpo Product Reviews
How to Choose Best and Cheap Magento 2.4.3 Cloud Hosting?
To choose hosting provider that fully support Magento 2.4.3 is not easy task. We highly recommend ASPHostPortal for your Magento 2.4.3 hosting partner. Not only offer cheap price, but also expert Magento 2.4.3 support team. You feel free to host your great Magento 2.4.3 site with their great Magento 2.4.3 hosting service. The following are the reasons why you should choose ASPHostPortal as your Magento 2.4.3 hosting partner.
Why ASPHostPortal is the Best and Cheap Magento 2.4.3 Cloud Hosting?
ASPHostPortal comes with eight Windows cloud hosting plan, and the prices start from $3.81/mo. You can start your Magento 2.4.3 site from $3.81/mo only. That certainly makes ASPHostPortal the cheapest Magento 2.4.3 cloud hosting in the field. Moreover, if there is anything wrong, customers can cancel the service, and ask their full money back within the first 30 days, according to ASPHostPortal 30 Days Money Back Guarantee.
ASPHostPortal.com – Plesk Control Panel
ASPHostPortal Windows Hosting comes with Plesk control panel. Plesk is best control panel to manage windows hosting. You can easily manage your server, email accounts with few clicks. You can instantly install over 100 applications on your website with just a few clicks. You can check everything about your website including disk space, traffic, logs & statistics and many more.
ASPHostPortal.com – 99.99% Uptime Guarantee
Does ASPHostPortal really give 99.99% up time? The answer is yes. ASPHostPortal Windows Hosting servers are capable enough to make your website 99.99% available. ASPHostPortal has established a world-class infrastructure making it possible to guarantee such a high uptime percentage. Of course there is always the possibility that some factor beyond the control of the ASPHostPortal Company will result in more downtime. Fortunately, this does not occur too often. Upgrades and maintenance downtime are acceptable and do not impact the uptime guarantee.
ASPHostPortal.com – Expert Support Team
In order to provide top-level web hosting service, ASPHostPortal.com offers 24/7 available technical support with professional and experienced support staffs via create ticket from helpdesk. Besides, those support staffs are been in this field for over 3 years, thus be able to offer efficient troubleshooting process, and provide the best resolutions to any issues raised by customers.