Magento 2.4 is out now. From the release notes, we’ve extracted some of the most important highlights like platform upgrades, security enhancements, and performance tweaks that the Magento partner community and merchants were awaiting.

Without further ado, let’s take a look at what Magento 2.4 (Open Source, Commerce, and Commerce Cloud) has got under its hood.

Magento 2.4.x release roadmap

While the release date of Magento 2.4 is confirmed, Magento has also spilled beans on the release of 2.4.x versions. 2.4.1 is slated for release on October 15th 2020, while 2.4.2 will be out on February 9th, 20201. These updates will be crucial as these would carry the fixes and enhancements for the shortcomings of 2.4, if any.

Security Enhancements

One of the most important security enhancements is considered to be 2FA (Two-factor authentication) for the Magento admin panel. The update supports authenticators like Google Authenticator, Duo, Authy, and U2F keys.

Other significant improvements include

  • 30+ fixes to overcome the most threatening vulnerabilities – RCE (Remote Code Execution) and XSS (Cross-site Scripting) vulnerabilities. Both these vulnerabilities are gateways for attackers to inject malicious content and obtain crucial store information.
  • 2FA for Magento Admin Panel is now a default aspect and cannot be disabled.
  • The Template filter mode is now enabled by default to overcome RCE.
  • Default Data rendering for UI providers is now disabled to prevent spam users from executing arbitrary JavaScript.
  • Content Security Policy improvements.

Performance Improvements

Magento has been continuously innovating in terms of performance. With the release of version 2.4, the platform has addressed this space enough.

  • Speed of Quick Order add-to-cart features is improved (up to 30% improved).
  • Redis has been optimized further for better performance (less CPU consumption).
  • SQL queries cashing results improved.
  • Merchants can implement lazy loading for images (by configuring theme).

Platform Upgrades

Support for

  • PHP 7.4, PHPUnit 9.x
  • Elasticsearch 7.x
  • MySQL 8.0


  • Zend Framework has been migrated to Laminas project
  • Elasticsearch replaces MySQL catalog search engine
  • PHP 7.4 – 7.1 and 7.2 has been deprecated
  • PHP Unit 9.x – 6.5 has been deprecated
  • MariaDB – 10.0 and 10.1 – Not supported
  • Signifyd fraud protection code and Brain Tree module has been removed

Infrastructure improvements

  • Integration of payment gateways removed – Authorize.Net, eWay, CyberSource, and Worldpay
  • Improved PayPal JavaScript SDK – Now contains PayPal Express Checkout integration
  • Elasticsearch now includes a partial word search
  • Web Setup Wizard removed
  • Composer plugin updated

Hire Magento Developers for USD 35 Per Hour

B2B Enhancements

Magento is upgrading its B2B capabilities with every update, but 2.4 would be a significant turnaround.

Order Approval Workflow

‘Order Approval Workflow’ is the highlight feature that’ll benefit B2B merchants a great deal.

Aimed at Purchase Managers in B2B organizations, this feature allows officials to configure approval rules for buyers. Here is the list of advantages of ‘Order Approval Workflow’:

  • Create Unique approval conditions (per company account)
  • Set rules based on order value, number of items, shipment costs
  • Access permissions in order approval workflow are configurable
  • Email notifications to notify concerned officials at various stages of the approval process
  • Purchase orders now have a complete log of actions performed
  • Quick view of Purchase Orders

Login Storefront as a Customer

Another important update is the ability to view your store as a customer. Store administrators now have access to login as a customer or, in other words, can log in on behalf of a customer.

Magento offers administrators the ability to control the access to login into the storefront as a customer by defining access control per website. The 2.4 update also packs an interesting security feature that removes all the sessions once an administrator logs out.

However, the order placed by the admin on behalf of a customer will be reflected in the storefront and backend.

Magento 2.4 – Benefits for merchants

  • Inventory management – In-store pickup and improved product bundling feature
  • Adobe Stock – Find photos in Adobe Stock gallery, and filter them 30X faster
  • Support for PWA Studio 6.0.0 and 6.0.1
  • ‘PickupLocations’ query now supports ‘In-store pickup.’
  • Users can add all the items from a previous cart to a new one
  • Web Payments – Users can pay faster using existing data stored in their browser

Other highlights of Magento 2.4

Magento 2.4 also includes extensions developed by vendors like DotDigital, Amazon Pay, BrainTree Payments, Klarna, and Vertex. The version is claimed to resolve several code issues and fixes for over 200 GitHub issues.

In the Magento Commerce 2.4 version, Page Builder now supports PHP 7.4. Also, the upcoming release has made enhancements in areas that improve customer experiences like cart and checkout, orders, fulfillment, and sales.

Magento 2.4 will be a significant upgrade and overhaul that would impact partners and merchants alike. Stay tuned for more updates.


Are you planning to upgrade your store to Magento 2.4 or needing an implementation partner to build a Magento store from ground up?

Are you planning to upgrade your store to Magento 2.4 or needing an implementation partner to build a Magento store from ground up?