As recently as two or three years ago, you wouldn’t have made this comparison. Comparing Magento to Shopify was akin to apples and oranges. It would be enterprise-class online sales versus an easy way to pimp my grandma’s artisanal, free-range, gluten-free scone mix (they’re nasty, BTW).
But the time has come to consider SAAS (Software As A Service) e-commerce packages like Shopify in situations where once you might only had Magento in your quiver. Magento has its hooks deep into a lot of large-scale back-office systems and that’s driving a certain level of adoption these days. And while Shopify’s API is comprehensive and capable, there’s something to be said for using Magento with an ERP (Enterprise Resource Planning) system that already speaks its language. This comparison isn’t for those situations. As the old saying goes, no one ever got fired for buying IBM, and no one would ever get fired for using Magento when you’re paired with a system that offers plug-and-play integration.
But when you’ve got the luxury (or curse) of choice, take a look at the run-down of these issues as you ponder your fate. Note that much of what we’re saying about Shopify could also apply to some of the other big names in SAAS e-commerce, like Volusion and Bigcommerce.
By way of background, we’ve probably done a baker’s dozen or so, soup-to-nuts implementations in Magento and Shopify over the past couple of years. From a pure capabilities standpoint, we haven’t found or been tasked with any request that couldn’t be handled competently by either package. The relative ease of these implementations varied wildly but at the end of the day, we could usually make each hop up on its hind legs and bark.
So while both are equally competent, you might surmise that the devil is in the details. I’ve picked a couple of points here that draw a sharp contrast between the two.
Magento is impressive in its file count and folder structure, if you’re impressed by such things. Going ten folders deep looking for a particular config file is just scratching the surface, and you’re going to spend the first couple of weeks just figuring out where everything is. Magento was a mutt from the start, built upon the MVC Zend framework with bits and pieces grabbed from other systems. That’s how you end up with a sprawling, hot mess like this. Rumors of a ground-up rewrite to address this have persisted for years but nothing concrete has been released yet.
Shopify, on the other hand, has an exceedingly simple structure. As a SAAS, you’re not privy to the files that drive the system, just the files that define your store’s look, feel and behavior. So the pertinent file count is a fraction of what you’re faced with on Magento. Honestly, Shopify could allow a little more complexity. You really can’t create folders to segment your theme files, they’re all dumped into one folder. The file count is low enough to where it doesn’t matter too much. The built-in source code control management, while limited in features, does help to keep things organized and tidy.
Where the Shopify complexity comes in is with your system that interfaces with the store’s API. You run this stuff on your own server, and the organization is really up to you. Both a blessing and a curse, the onus is on the developer to build competent, robust resources that access the API. It’ll be in stark contrast to the simplicity of the store code, but still doesn’t have to be as byzantine as the Magento structure.
I performed my first online transaction in 1996, by emailing my credit card number and expiration date to some neckbeard in Denmark. He charged the card and mailed me my purchase. It was a special edition DVD of Das Boot, the legendary German WWII submarine movie and took six weeks to arrive. It was a kinder, gentler Internet back then, and shipping still involved tramp steamers and pack mules apparently.
Flash forward twenty years and I’m pretty sure that emailing credit card number will get you on a list somewhere in the bowels of the NSA. Mentioning NSA bowels will also get you on a list. On the flip side, shipping has improved dramatically. I’ve gotten boxes of electronics with questionable levels of Intellectual Property infringement shipped from China, order to door in 17 hours.
So now, instead of an online Utopia of shared ideals, respect and interminable delivery times, we have things like PCI-DSS. Payment Card Industry Data Security Standards is the judge, jury and executioner when it comes to keeping your site secure and safe. It’s a published set of standards that sets various secure level metrics and procedures that must be followed if you want to take credit cards online. Follow them to the letter and they might let you live if you get hacked. Ignore them and, well, you get the idea.
With Magento, the burden falls upon you to make sure you’re compliant. In addition to everything you have to do to be compliant, it’s also highly advisable to get special insurance to help cover you and your business in the event of a breach. It’s not cheap and will basically just help you barely keep the doors open if you ever make a claim. If you want a good shock sometime, ask me what our deductible is on our Errors and Omissions insurance. There are some companies that will host Magento for you and handle a great deal of the PCI-DSS certification for you. The largest of these companies, Magento Go, was run by Magento themselves. Unfortunately, they closed up shop in February, 2015.
With Shopify, they handle all of that for you. All of it. It does come at a slight price. Don’t think that you’re going to make any changes to the Shopify checkout process, it’s locked down hard. This is how they protect the process. They put a lot of effort into making sure that it’s safe and secure and they’re not going to let you muck it up. The fortunate thing is that they also spend a lot of time making sure it’s usable and compatible with all manner of browsers and devices. So for the most part, we’ve always been able to live with it out of the box.
Due to its structure, MVC roots and overall complexity, Magento can be a bit of a resource hog. A smart developer could make a handsome living just by hanging out a shingle for “Magento Tuning”, especially if they’re any good at it. There’s a myriad of knobs to twist and caching schemes to implement to order to wring any sort of performance out of Magento. You can also throw more hardware at it with varying levels of effectiveness. Fundamental architecture choices that may seem innocuous at the beginning of a Magento project can come back to haunt you once you go live, my advice is to consider the unthinkable at each juncture as you piece together your site.
Not to put too fine a point on it, Shopify is fast. We’ve always been impressed by its speed and consistency in the performance of various operations. Some of the limitations of Liquid, the templating language that drives Shopify, have caused us to do things that we know intuitively should be slow or inefficient. Our inner developer cringes but we implement them all the same because there’s no alternative. More often than not, it’ll run fine and surprise you with its responsiveness. It does require you to unlearn some fundamental developer axioms, but whatever they’ve got driving the internals of Shopify doesn’t seem to care. My advice is to try the things you might normally think would be slow and see what happens.
Being a SAAS, upgrades are solely in the purview of Shopify and you, the humble shop developer, generally don’t need to worry about it. You’ll get an email about some new feature being added and some older feature being sunsetted and that’s about it. They’re good about backwards compatibility and limiting downtime for maintenance windows.
Magento, again, is a different story. The developer needs to handle the process of applying a new version of Magento to their store. The upgrade process is usually pretty difficult and rife with unintended consequences. You've absolutely got to run upgrades against the development server, never the live box, and you’ve also got to have multiple good backups. They used to call me Shiva, Destroyer of Stores when I ran upgrades. It’s a process of apply the upgrade, restore the backup, tweak the config and repeat. Ad nauseum. You’ll sometimes need to look at selectively applying upgrades, pulling specific items out of the upgrade to address security issues and leaving the rest alone. This process won’t last forever and at some point you’ve got the rip the band-aid off. This usually involves starting with a vanilla installation of the upgraded version and re-applying your themes and customizations. Don’t worry, you’ll get good at it eventually.
So looking back, it appears that I’ve been a tad skewed towards the Shopify side. And if you’ve got no other compelling rationale, it’s our recommendation. However, Magento is the 800-pound gorilla and it’s a capable, comprehensive and feature-rich store that also happens to be directly integrated into a lot of other systems. So weigh the pros and cons carefully before you pull the trigger on either.
Also, a bit of current news. As part of the eBay spin-off of PayPal, Magento has gone from being 100% owned by eBay to its own company, as of November 3, 2015. I don’t think we have any opinion as to what effect this may have on Magento, but to have it go from a side-project of eBay’s to the core product of a company has to affect it in some way. My guess is that a focus on profitability may have them favoring the paid version over the Community version, even to the point of the Community’s demise over time. But I’ve also still got some iXL stock certificates I took in lieu of payment back in the day so what the hell do I know.