He is a true Magento enthusiast and a visionary trainer. He loves what he does the best. With two Magento certifications under his belt, he is one of the most established authorities on Magento. He takes keen interest in working with PHP. He is an avid blogger and maintains his own website as well. He is currently associated with FireGento as the Treasurer and the Member of the Executive Board of Association. It is one of the most renowned associations of Magento developers. He is Fabian Blechschmidt.
In this interview, Fabian shares his candid views about the current developments related to Magento 2.0 after the Developer Beta release, issues pertaining to security and performance of Magento-based web stores, and personalities who have influenced him throughout his career.
Enjoy the read!
Editor’s Note: The interview has been edited for the sake of clarity.
Cloudways: Fabian, you are a Magento certified developer. How did you start your career? For how long have you been working with Magento?
Fabian: I am a web developer from Berlin. I started my career as a PHP developer here. During the early days in my professional career, I have frequently changed my jobs and have worked for different agencies. Thankfully, one of them offered me to work with Magento. It was horrible. A few people were already working on the project who didn’t know how to use Magento just like me. But we developed and delivered, what the customer had requested.
COREHACK anyone? I searched for help and found it in the good old IRC. If you speak German, come visit us: irc.freenode.net #magento-de, if you don’t go into #magento we are there. You can find me under my nickname “Schrank”. So my first experience with Magento was in 2011. It has been quite a while for me. I started with CE1.4. Since then, I have devoted my career almost completely to Magento, so nowadays I am working 100% on Magento projects.
Cloudways: Magento uses modules and extensions. Name five of the most important extensions that you recommend to use with every Magento website? What is your advice for anyone who wants to develop a new Magento extension?
Fabian: To be honest, I don’t know a lot of Magento extensions. Most of the stuff my customers want is easy to develop, so the reviewing of modules takes the same time as just doing it by myself. This is kind of arrogant, because I assume that I do it at least as good as other developers. So far, I think I’m right. Many extensions which are provided by extension providers are written by one developer, so no code review. So I think I can justify this attitude. But back to the recommended extensions:
- Aoe_TemplateHints: Template Hints gives more information about the templates and the cool thing is if you have the “Remote Call” plugin of PHPStorm installed, you can open the template with just a click.
- Aoe_Scheduler: If you implement a cron job, you need this. It schedules jobs, runs them when you want and gives a good overview over everything about cron jobs.
- FireGento_MageSetup: MageSetup is an extension maintained by the club FireGento. It helps people to make the shop compatible with the law, especially in Germany. So I think, it is bad for the American e-stores, but for most of European e-stores this is a must-have.
- FireGento_Pdf: FireGento_Pdf generates visually pleasing PDFs and is easier to customize than standard Magento.
- Ikonoshirt_Pbkdf2: Pbkdf2 changes the algorithm to hash the passwords of customers, admins and API users from md5 (sha256 for EE) to PBKDF2 which is a lot better if your database gets hacked. If you want to know more about key derivation functions and PBKDF2, I recommend:
(Disclaimer: I maintain FireGento_Pdf and Ikonoshirt_Pbkdf2, so I might be biased.)
To learn Magento the time becomes worse. Because it is hard to decide whether to learn Magento 1 or Magento 2. If you start now, you definitely want to learn Magento 1. There is still a lot of work to do.
Magento is maintaining version 1 for another three years and all the merchants will take even longer to migrate to Magento 2.
My advice for newcomers is: connect with the community! As Sander already pointed out, ask your questions on Magento StackExchange.
When I started, I was really welcomed with open arms in the IRC of the German community and I had a lot of questions. Most of them were answered.
FireGento is organizing hackathons to share knowledge, ideas, suggestions, experiences and a lot more.. It’s sort of a get together, where we get to know each other. Join us at the official website.
And I can recommend the MageUnconference in Berlin, March this year. To learn more and ask questions, visit its website.
Cloudways: As a Magento developer and Magento consultant for Magento StackExchange, you definitely know what are the most common questions among Magento users? What are the main issues in managing a Magento store?
Fabian: Many questions and problems I solve for my customers are not essentially related to Magento itself. But the Magento related questions are mostly the same. For example, how do I add content somewhere? Can I shift this block from left to right? Is it possible to edit the content? What is the difference between custom options and attributes? And the main issue is performance. The problem counts as solved, but nonetheless it costs a lot of time for every web store as it is encountered time and again.
Cloudways: There are several active communities of Magento on LinkedIn, Google+, and Facebook. Do you participate in the discussions at these social communities? What difference you find between Magento StackExchange and these communities?
Fabian: No. I try my best to avoid social networks-with a few exceptions-like Twitter. For me, the questions on Twitter are more valuable than on MageOverflow, because I follow mostly other Magento experts.
Cloudways: Magento 2.0 Beta is in the market already. What do you expect from the latest release? Will we see a complete overhaul in Magento’s front-end and back-end operational mechanism?
Fabian: What we can see with the latest release is, how Magento 2.0 will work. After the Developer Beta release, we have a feature freeze in the Framework. So now is the time to rebuild your extensions for Magento 2.0. After digging in the code and talking to other developers, I think that a lot of things have changed. But the base is the same. We have models, we have controllers, etc. But the introduction of Dependency Injection and more XML files with XSD validation is a big step forward.
Cloudways: Most of the Magento websites are vulnerable to security threats, such as identity theft, credit card misuse, hack attacks, etc. Is there any proactive disaster recovery plan in place so that we can protect web stores from such threats?
Fabian: Security is always a tough topic. And security is something you need to always have on your agenda. In the first place, I highly recommend to carry out a code review before installing any extension on a web store. You want to avoid ioncubed and obfuscated code because one has no clue, what it does. I have found modules which can be used to dial phones at home. I have found modules which load stuff from somewhere and echo it in the site. This is really horrible and a big security problem.
If you are sure that your code and the modules you have installed, are problem free, you can think about more advanced techniques, like Web Application Firewall.
The less data you collect, the less problems you have. Installing Ikonoshirt_Pbkdf2 helps you to secure the passwords of your customers. And having no credit card and bank account data, saved on your machines is the right thing, if you ask me. Payment Service Providers are paid for being secure. Even if they don’t do their job as good as expected (and I don’t think this is the case!), their knowledge and experience in this area is more advanced then ours.
Cloudways: Speed, performance, and optimization are three important pillars of a successful online retail store. Do you agree with this statement. How can Magento website owners ensure that all three components are working in a perfectly synchronized manner to gain the maximum output from their online business? How can one optimize Magento-based website for better results?
Fabian: Yes, I totally agree. Measure, measure, measure. Learn to use profilers, for example, xdebug profiler or XHProf. Check what the bottlenecks are. It doesn’t help to buy a bigger database server if your PHP is too slow.
There are a lot of things around, like FPCs that make your store faster. Some of them include:
- (https://github.com/colinmollenhour/Cm_Diehard), Varnish
- (https://github.com/fbrnc/Aoe_Static) or ElasticSearch/Solr
But it all depends on your store and your use case, what is best for your e-store’s performance and for your budget.
Cloudways: Sander Mangel, a renowned Magento developer, counts you as one of his inspirations, who have influenced him in his professional endeavors. Who are the five most important individuals inspired you throughout your career?
Fabian: I had the very first interaction with the community in the above mentioned IRC channel. Vinai Kopp and Bastian Ike helped me a lot with all this Magento stuff. Then one of the first hackathons happened (this was the ancient time, when the hackathons didn’t have their name yet). Damian Luszczymak invited me to fill in for someone who couldn’t attend, and I was very happy and lucky that I met all these Magento experts back then.
And finally there are Thomas Fleck and Thomas Goletz. They do a lot for the (German) Magento community and started a few years ago to spread the Meet Magento over the whole world.But five are far too less. The list of people, developers and others who inspired me is endless. Magento Community, thank you all for your help, knowledge, patience and love.