What shopping cart / e-commerce software (self hosted) is popular nowadays?

Considering helping a friend with a self-hosted online shop. No Weebly or Shopify considerations, only self-hosted software (free or paid) that is modern, well documented, well supported and maintained.

Easy integration via existing gateways for common things like PayPal and Stripe is a must, and ideally with pre-made crypto gateways available as well.

What’s the verdict? I think the last shop I setup was PrestaCart or something back in… 2010? So it’s safe to say it’s been a while since I’ve cared about this area.

EDIT: This isn’t for hosting… Just normal physical goods. Shirts, hats, whatever.

Shopware seems to be pretty popular. But it is quite resource intensive, afaik.

Woocommerce is the king. .
Go with Woocommerce, it does a really good job.

Ease of use for a simple store - you can’t go wrong with Woocommerce. But keep it up to date! And it’s easy to slow a site down by adding lots of unecessary plugins, etc.

Magento is another good option - it’s very good at what it does but it does require a bit more technical knowledge - and if you can’t make it do what you want exactly modules can be expensive.

1 Like

If you want something “non-wordpress based” look at xtcommerce, oscommerce, opencart …

The thing you want to be careful with, is actually storing critical “payment data”, as that adds a lot to the complexity. Not from a technical standpoint, but a legal one. So i always suggest to do the “shop” in-house, but redirect to a certified payment provider for the actual payment process (check out with paypal, stripe,…). Then try to store as little actual card data,… as possible.

I like self-hosting in most cases, but honestly I haven’t seen any self-hosted stores that are as good as something like Shopify.

I’d go so far as to say “never ever store any payment information yourself”. Having to get audits to satisfy PCI-DSS compliance is really not worth it unless you run a huge store.

Even if you don’t store credit card information, you still need to ensure the store is GDPR and CCPA compliant, of course. Also make sure you disable SSL, TLS 1.0 and 1.1 on your web server - only TLS 1.2 and 1.3 should be enabled.