Magento 2.4.1-Release note (Things you need to know!)
Magento 2.4.1- Release note:
In Magento 2.4.1 version, we can see performance improvement and security enhancement, especially for B2B feature set. Security improvements include the SameSite attribute for cookies and the Order shop frontage page.
Additionally, CAPTCHA protection has been introduced for billing and order-related API endpoints. B2B innovations focus on supporting order processes, shipping methods, logging Admin actions, and better security.
Core code is significantly improved with over 150 bug fixes and 15 security enhancements. Almost 300 GitHub issues uploaded by members of Magento community have been resolved.
Outstanding features of Magento Open Source 2.4.1:
Magento Security-only Patch 2.4.0.1
This version allows you to install a time-sensitive security fix without applying numbers of functional fixes and include the hotfixes applied to Magento 2.4.0. Moreover, the security-only patch 2.4.0.1 to fix the vulnerabilities identified in the previous quarterly release.
Substantial security enhancement
Include more than 15 security fixes to close cross-site scripting (XSS) vulnerabilities and remote code execution (RCE).
Besides, Magento 2.4.1 also requires the add-on CAPTCHA safeguard to assist:
-
Place order storefront page and REST and GraphQL endpoints
-
Payment-related REST and GraphQL endpoints.
With support of the SameSite cookie attribute, Google Chrome implementation of the new cookie classification system will be approved.
Otherways, the advanced Magento Scan Tool allows the merchants to get real-time insights into the security rate of their site via proactive detection of malware and reduction of false positives.
Infrastructure Improvements
This Magento 2.4.1 release allows the store users to clear the contents of their shopping cart in a single action as well as improved quality of the Framework:
-
Customer Account
-
Catalog
-
CMS
-
OMS
-
Import/Export
-
Promotions and Targeting
-
Cart and Checkout
-
Staging and Preview
Performance improvement
-
Reducing the size of network transfer between Magento and Redis.
-
Improved messenger queue consumer performance
-
Enhancement in the execution time for the commands of bin/Magento.
New Media Gallery
This version enabled New Media Gallery for admin, therefore, merchants have performed the following actions in the Media Gallery:
-
Enable to delete bulk images.
-
Optimize Media storage by unused images of the storefront and detecting duplicate images
-
Filter images by the storefront area
-
Enhanced view metadata from the images,
-
Edit image metadata
-
Search for images by metadata
GraphQL
This release adds GraphQL coverage for the following features:
-
Product reviews: Allow customers and guests to write product reviews as well as retrieve the history of their product review.
-
Gift option: Allow customers and guests to add a gift message to their order.
-
Order history: Customers can view details about their order histories, including invoices, shipping, and refunds.
-
Allow stored payment methods for logged in customers as well as support for wishlists in the Magento Open Source version.
-
Enhanced management of customer accounts.
PWA Studio
Magento 2.4.1 introduces new features and enhancements for PWA Studio.
-
Updates to the Venia style guide for design tokens, page layouts, core components, and typography.
-
Enhanced Venia mini-cart experience and much more…
Apart from these, the Magento 2.4.1 release includes the Adobe Stock Integration v2.1.0., Magento Functional Testing Framework 3.1.0, and fixed issues in the Magento 2.4.1 core code
Fixed Issues
In Magento 2.4.1, there are hundreds of fixes of issues in the core code of Magento. You can find the fixtures in these fields:
-
Installation, Upgrade, Deployment
-
Adobe Stock
-
Bundle Products
-
Cache
-
Cart and Checkout
-
Catalog
-
Cleanup
-
CMS content
-
Configurable Products
-
Cookies
-
Cron
-
CSS
-
Customer
-
Directory
-
Downloadable
-
Email
-
Frameworks
Latest Magento Commerce 2.4.1 release consists of:
-
Enhanced Page Builder that full-screen mode for easier editing of content and consistent experience editing content across the admin.
-
Shopping cart improvements for B2B buyers.
-
Improved B2B Shipping methods
-
Introduces new admin features in Magento Commerce 2.4.1 version.
Why should e-commerce stores put security first?
In online retail, trust is important and your customers need to feel confident that you will protect their data. If a customer is not comfortable visiting your store and sharing their payment details with you, your business will suffer.
Personal data and payment information at risk
There is more than 250.000 Magento store in the world and this makes Magento one of popular eCommerce platforms as well as the target for hackers.
As technology develops, hackers’ attach tricks are more and more sophisticated. Instead of identifying a single victim, they target widely used technology and hits hundred of websites. This can provide a wide range of automation and a high chance of success.
The common Magento security mistakes
Missing HTTPS by default
In fact, some websites are vulnerable to attach while being active and receiving orders. The reason for this security flaw is that most of them don’t use HTTPS by default, as a result, the attacker can steal credit card information easily.
Exposed admin panels
The displayed admin panels are a common Magento security bug. Although this isn’t a serious error, the exposed admin panels will make it easy for hackers to attach and try to access your website.
Third-party applications
Insecure third-party applications are another source of vulnerability. As well as, the most common error is using third-party apps- some plugin or modules that are often useful and extend Magento applications but they haven’t checked yet. These modules aren’t sometimes supported and no security updates.
How to keep your store safe
Make sure the platform is up-to-date
When vulnerabilities are discovered, they are quickly fixed in the last Magento version, that is the reason why you need to keep you up to date.
Implement a long-term security strategy
Increased security awareness has helped people understand the value of the security, and as a result, businesses are willing to invest hundreds of billions of dollars in security services. Any system is vulnerable so security never stops growing. And what you need to do is to do regular internal audits, reviews, and tests on your site, something many companies forget.
Yeah, this is what is fully improved with detailed information about the latest Magento 2.4.1 version. Besides, make sure you have the experience and proficiency to upgrade your Magento 2 store to the latest Magento 2.4.1 version as the upgrade process can be risky. The safe way to upgrade your Magento 2 store to the latest version of Magento 2.4.1 is to get help from the experts.
What are you thinking about this version, please comment below!
Thanks!