New: AI Workforce - waiting list open →

    Upgrade deadline — regular support ends 11 August 2026

    Magento 2.4.6 End of Life

    What UK Store Owners Must Decide Before 11 August 2026

    By Simon Bumford, Founder of EveryHost10 min read

    TL;DR

    Regular support for the Magento 2.4.6 line ends on 11 August 2026. After that: no security patches and no quality fixes, ever again, for that version. Your store keeps running — it just stops being defensible. For most stores the right move is an upgrade to Magento 2.4.8 (stable, supported to around April 2028, extension ecosystem mature), which typically takes 2–6 weeks — feasible if you start now. Magento 2.4.9 is the newer, longer-lived option but carries early-adopter risk while extension vendors catch up. This guide walks through both paths, the extension audit that decides your timeline, and what changes on the hosting side.

    What happens on 11 August 2026 — and what doesn't

    Let's start with what doesn't happen, because this is where end-of-life dates get misunderstood in both directions. On 12 August 2026, a Magento 2.4.6 store will look exactly as it did the day before. Pages load, checkout works, orders come in. Nothing switches off. Anyone telling you your store will "stop working" is scaremongering.

    What actually happens is quieter and, over time, worse. Under Adobe's published released-versions schedule, regular support for the Magento Open Source and Adobe Commerce 2.4.6 line — which originally shipped in March 2023 — ends on 11 August 2026. From that date, Adobe publishes no further security patches and no quality fixes for 2.4.6. Every vulnerability discovered in the platform from that point on is fixed for supported versions and left open, permanently, on yours.

    That has two practical consequences beyond the obvious hacking risk. First, new CVEs published after end of life will never be fixed on 2.4.6 — the gap between your store and a patched store doesn't stay constant, it widens with every security bulletin Adobe releases. Second, PCI DSS compliance expects the software handling cardholder data to be supported and patched. An ecommerce platform that can no longer receive security patches is a compliance problem as well as a security one, and it's the kind of thing acquirers and assessors ask about.

    So the honest framing is this: 11 August 2026 isn't the day your store breaks. It's the day your store starts silently accruing risk you can't patch away. The decision in front of you isn't whether to upgrade — it's which version to upgrade to, and whether you start now or under worse pressure later.

    First: check which version you're actually on

    Before planning anything, confirm your exact version. Plenty of store owners are surprised by the answer. Either check the footer of your Magento admin panel, or run this from the Magento root directory on your server:

    bin/magento --version

    Note the patch level as well as the version — for example 2.4.6-p11 rather than plain 2.4.6. Being on a recent patch level is good news for your current security posture, but it doesn't change the deadline: every 2.4.6 patch level reaches end of life together on 11 August 2026.

    And if the command comes back with 2.4.4 or 2.4.5: those lines are already past regular support. Everything in this article applies to you with the urgency turned up — you're not approaching the cliff edge, you're past it, and every Adobe security bulletin since your line went EOL contains fixes your store never received.

    Your two realistic upgrade paths: 2.4.8 vs 2.4.9

    From 2.4.6 there are two sensible destinations, and they suit different situations.

    Magento 2.4.8Magento 2.4.9
    StatusCurrent stable long-term lineNewest release — GA 12 May 2026
    Supported until~April 2028Longer — newest line in the schedule
    Stack requirementsEstablished stack; most modern Magento hosting already supports itValkey replaces Redis, OpenSearch 3, PHP 8.4/8.5, MySQL 8.4
    Extension ecosystemMature — vendors have had time to confirm compatibilityStill catching up; early-adopter territory
    Our recommendationDefault choice for 2.4.6 stores under deadline pressurePlan for later, unless you have a strong reason and time to test

    Option A — Magento 2.4.8 is the recommended default. It's the current stable long-term line, supported through roughly April 2028, which buys you nearly two years of patched, compliant running before the next forced decision. Extension vendors have had time to confirm compatibility, which matters more than any other factor for upgrade speed. A typical 2.4.6 → 2.4.8 upgrade takes roughly 2–6 weeks depending on extension count and customisations. Started in mid-July, that comfortably beats the deadline. Started in late July, it's tight.

    Option B — Magento 2.4.9 reached general availability on 12 May 2026 and is the biggest architectural shift in the 2.4.x line since 2.4.4: Valkey replaces Redis as the official cache backend, OpenSearch 3 is required, PHP moves to 8.4/8.5, MySQL to 8.4, and over 560 issues were fixed. It offers the best longevity — but it's early-adopter territory while extension vendors catch up, and the first aggregated patch (2.4.9-p1) is expected in the coming weeks and months. If you're curious about what the new stack involves, we've covered the Magento 2.4.9 hosting requirements and published a full Magento 2.4.9 upgrade guide.

    Our honest advice for most 2.4.6 stores facing this deadline: go to 2.4.8 now, and plan 2.4.9 as a considered move later, once the extension ecosystem has settled and the first patch rounds have landed. An upgrade done under time pressure to a brand-new architectural line is how projects overrun past the deadline they were meant to beat.

    Why the extension audit decides your timeline

    If there's one thing to internalise from this article, it's this: the single biggest variable in a Magento upgrade timeline is your third-party extensions. Not the core upgrade itself — Magento's own upgrade tooling is well-trodden. It's the payment modules, shipping integrations, search enhancements, page builders and the extension somebody installed in 2023 whose vendor has since disappeared.

    So before you book a single day of development time, audit every extension on the store. For each one, establish: is there a version compatible with your target Magento release? Is the vendor still active? Is the extension actually still used, or is it dead weight that can simply be removed? Every unmaintained extension is a fork in the road — replace it, pay for custom compatibility work, or drop the functionality — and each fork adds days or weeks.

    This is why the honest answer to "how long will our upgrade take?" is always "show me your extension list first." A store with eight well-maintained extensions is a very different project from a store with forty of mixed provenance. It's also why starting the audit this week costs you nothing and tells you almost everything about whether your 11 August plan is realistic. If the audit reveals a problem extension, you want to know in July, not the first week of August.

    The hosting side of the upgrade

    A Magento version upgrade is never just application code. Each release line has its own system requirements — PHP version, search engine, cache backend, database — and moving up a line usually means moving the stack too. 2.4.8 expects a newer PHP than many 2.4.6-era servers run; 2.4.9 goes further, requiring OpenSearch 3, PHP 8.4/8.5, MySQL 8.4 and swapping Redis for Valkey. We keep a current reference of the Magento 2 server prerequisites for each version if you want to check your target against your current server.

    This is where upgrades quietly stall. The application work finishes on staging, and then it turns out the production host can't provide the required PHP version, or doesn't offer OpenSearch, or won't touch the cache backend. If your host can't run the target stack, no amount of application work gets you over the line. Confirm this before the project starts, not at deployment time.

    The cleanest pattern we see is upgrading onto fresh infrastructure: build the target stack (correct PHP, search, cache, Varnish) on a new server, deploy and test the upgraded store there as staging, then cut over. You get a known-good environment, a genuine rollback path — the old server keeps running untouched — and no risky in-place stack surgery on a live store. That's exactly how our free Magento migration service works when it's paired with an upgrade, and it's the approach our managed Magento 2 hosting is built around: the stack is prepared for your target version before your code ever lands on it.

    The new Adobe patch cadence — and why EOL hurts more now

    There's a twist of timing that makes this particular EOL date sting more than previous ones. From 14 July 2026 — four weeks before 2.4.6 support ends — Adobe moves to twice-monthly security bulletins, landing on the second and fourth Tuesdays of each month. For supported Magento versions, that's a clear improvement: security fixes arrive sooner and on a predictable rhythm, shrinking the window between a vulnerability being fixed internally and the fix reaching your store.

    But that benefit only flows to supported lines. A store on 2.4.6 after 11 August gets none of it. In fact the contrast gets starker: stores on 2.4.8 and 2.4.9 will be patched twice a month, while the gap between them and an EOL 2.4.6 store widens at double the old rate. Attackers read security bulletins too — every published fix is also a public description of a hole that still exists on unpatched and unsupported stores.

    Put simply: staying supported has just become more valuable at exactly the moment 2.4.6 stops being supported.

    Timeline: what to do and when

    Assuming you're reading this around publication (mid-July 2026), here's a realistic plan:

    • This week: confirm your exact version (bin/magento --version). Start the extension audit — list every third-party extension, its vendor status, and its compatibility with 2.4.8. Pick your target version.
    • This month: confirm your hosting stack meets the target version's requirements (PHP, search engine, cache backend) — or arrange infrastructure that does. Run the upgrade on staging first, never directly on production. Resolve extension incompatibilities as the audit surfaces them, and put the store through real testing: checkout, payment methods, shipping rates, order emails, admin workflows.
    • By 11 August: plan and execute the production window — ideally a quiet trading period, with a tested rollback path. The goal is to be on a supported line before the first post-EOL security bulletin lands, not to scrape in on the day.

    If the audit tells you the timeline doesn't work — too many problem extensions, no development resource available — then the fallback is to compress risk, not ignore it: harden the store, restrict admin access, and schedule the upgrade for the earliest realistic date. An upgrade in September is far better than one deferred indefinitely.

    What EveryHost can do

    Honest framing first: a Magento upgrade is application work as well as hosting work. The extension audit, code compatibility and theme testing are Magento development tasks — done by your team, your agency, or with our upgrade support. What we remove entirely is the infrastructure half of the problem.

    EveryHost provides UK Magento hosting where the stack — PHP, OpenSearch or Valkey, Varnish — is prepared for your target Magento version before your code arrives, with UK-based engineers who do this work every week. Our Magento migration service is free and zero-downtime, which makes the upgrade-onto-fresh-infrastructure pattern described above genuinely practical: we build the new environment, you (or your agency, or we together) upgrade onto it as staging, and the cutover happens without your store going dark. Have a look at our Magento hosting plans to see what's included, or just call and describe your store — we'll tell you honestly what the upgrade involves.

    Frequently Asked Questions

    Frequently Asked Questions

    Sources and further reading

    • Adobe Experience League — Released versions and software lifecycle schedule for Magento Open Source / Adobe Commerce
    • Adobe — Security patch release notes for the Magento 2.4.x line
    • Magento 2.4.9 general availability coverage, May 2026 (Valkey, OpenSearch 3, PHP 8.4/8.5)
    • Adobe — announcement of twice-monthly security bulletins from 14 July 2026

    Still on Magento 2.4.6? Let's get you upgraded before the deadline.

    EveryHost is the UK Magento hosting specialist. Free zero-downtime Magento migration service, hosting stacks prepared for 2.4.8 and 2.4.9, and UK engineers who'll give you a straight answer about your upgrade.