FAQ
In our FAQ you will find answers to commonly asked questions. If you have a question, that is not included in the FAQ, you are always welcome to contact our support. At the bottom right you will find our “Contact” button.
Our FAQ is constantly being extended!
1. General Information about safefive
Shopware 5 reached its end of life in July 2024. Starting August 2024, safefive began providing security updates and compatibility patches for Shopware 5. Although Shopware 5 is now a legacy system, safefive ensures it remains secure even after its official end of life. Get started with your contract at: https://kunden.safefive.de/subscription/plan
We offer a wide range of services to make running your online store safer for you – and shopping safer for your customers. Our main focus is on security and compatibility patches. This way, we ensure that your Shopware 5 will continue to run securely and be technologically up-to-date in the future. In addition, we inform you about current developments around the topic of “security in the eCommerce sector”, such as changes to data protection laws or processes and expectations of payment and credit card service providers.
Step 1: Sign up for a contract
Go to our customer platform at: https://kunden.safefive.de/locale/en. There, you can sign up by entering your net sales and choosing how long you want the contract to last.
Schritt 2: Download the plugin
Download the safefive plugin from the customer platform. Then, enter your license key from your safefive account into the plugin.
Step 3: Install security updates and compatibility patches
You will receive security updates directly through the backend of your Shopware 5 store. Compatibility patches for PHP and MySQL will be available as separate downloads on the customer platform.
Discover how our service works in just four easy steps:
- Install the safefive Security Plugin:
Download the basic version of the safefive plugin from the Shopware Store. Installation is done via the Plugin Manager in your Shopware environment..
2. Enter your license key in the Plugin Manager:
After entering your license key, the plugin will be updated through the Plugin Manager. You can find your license key under “Contracts” in the safefive customer platform.
3. Receive notifications about security updates:
Our team will send you email notifications informing you about available security updates.
4. Test and activate security updates:
Download the updates in your test environment, thoroughly test them, and then install them in the live environment. We recommend backing up your database before installing updates.
Yes! In coordination with and with the support of Shopware, we can provide our security updates and compatibility patches for all editions of Shopware 5.
Starting from August 2024, you can rely on our service for 5 years. We will keep you regularly informed about any planned extensions. Configure your contract now at: https://kunden.safefive.de/locale/en
We will ensure compatibility with new technologies through provided patch files. This is especially important since MySQL, PHP, and Apache only provide updates for current versions. However, we do not offer bug fixes or code development. Functional errors that do not affect security will not be addressed. This approach is due to several reasons, such as prioritizing stable operation and maintaining adjustments already made by agencies. safefive serves as a transitional solution after the end of Shopware 5 support to offer Shopware 5 customers the best possible protection until migration and to safeguard shops against increasingly sophisticated hacker attacks.
We do not offer our own bug fixes. However for small or larger problems as well as system adjustments of any kind, we can recommend specialists from our large partner network.
2. Security Plugin and Compatibility Patches
Security updates are delivered directly through our safefive Security Plugin within the backend of your Shopware 5 store. They are designed to close security vulnerabilities in Shopware 5. A closed security vulnerability means that there was previously a weakness that could have put customer data at risk
To use these updates, you need a valid license for our plugin, which you can obtain from the Shopware Store. After that, you can update the plugin either via the Shopware Store or by using the ZIP files available on the safefive customer platform, ensuring you always receive the latest security updates
Compatibility patches ensure that Shopware 5 runs smoothly on newer technologies, such as MySQL 8 or PHP 8. This is important because MySQL, PHP, and Apache only provide security updates for current versions in the medium term — and security can only be guaranteed when both the application and the underlying software like MySQL and Apache are secure..
These patches:
– are not delivered automatically through the plugin,
– are provided as separate files for download, and
– must be installed manually.
Note: As of June 2025, no compatibility patches are yet available. However, security updates are already accessible via our plugin.
Our free plugin is now available in both the Shopware Store and on our customer platform. Please note: to use the safefive plugin, you must activate a free license through the Shopware Store.
To get started, install the safefive security plugin in your Shopware 5 store as you normally would. Then, enter the license key from your safefive customer account.
The plugin automatically checks for updates. As long as the license key and domain match, updates will be delivered directly to your store. Only your domain and license key are transmitted—never your sales data.
Your store stays secure and up to date with the latest security patches.
We pay a bounty for each vulnerability found in Shopware 5. The more critical the vulnerability, the higher the bounty. Security holes are traded on the black market. Even though we may not be able to prevent information about possible vulnerabilities from ending up there, we can ensure that your system is protected from possible attacks with the help of a patch. Even if a bot is built tomorrow that automatically attacks all systems, you will be “safe”.
3. Plugins & Integrations
Many merchants are looking for clarity regarding the maintenance of their Shopware 5 plugins. To meet this need, we have created a list of plugin providers who will continue to support their plugins even after the official end of support in 2024. You can find this list here: https://safefive.de/sw5plugins
Well-known plugin providers such as Klarna, Pickware, and Mollie have already confirmed they will continue support. Shopware AG has also confirmed that the PayPal plugin will continue to be maintained and updated by Shopware itself beyond the security bugfix period.
Are you a merchant looking for a specific plugin that is not yet on our list? Or are you a provider whose extension is missing? We look forward to hearing from you!
Yes! The PayPal plugin for Shopware 5 will continue to be supported directly by Shopware AG even after the security bugfix period ends.
To quote Moritz Naczenski, Director of Product Management at Shopware AG:
“After discussing with PayPal, we decided to keep maintaining the PayPal plugin ourselves beyond the security bugfix period. This means Shopware will keep providing free updates.”
DHL will discontinue version 2 of its SOAP API on May 31, 2025. This does not affect Pickware’s DHL Adapter Plugin, as it has been using version 3.1 of the DHL Business Customer Shipping API since version 4.20.0 (released on July 1, 2020). Version 3 of the SOAP API will remain available until May 31, 2026, so the plugin will continue to work as usual until then.
4. Pricing, Revenue, and Billing
safefive maintains a BugBounty program. This way we offer programmers a financial incentive to report security vulnerabilities instead of selling them on the black market. In addition, the operation of the platform and the development of patches must also be financially secured.
The cost of safefive is calculated per production deployed instance. Local development systems and test systems are excluded from this count and can be operated free of charge at any time.
We have given a lot of thought to what a fair pricing model might look like. Our decision for revenue-based pricing is due in particular to the fact that we come from the community and would like to give something back. We know about the challenges of the different store operators and would like to offer our service equally to small, medium and large companies at feasible conditions. You can find our detailed price list at: safefive – Prices
Good question! What is processed in Shopware counts as net turnover. In simple terms – if the recipient is created in Shopware, the generated revenue is counted towards sales. If you have ebay and/or Amazon connected and processing orders through Shopware, that revenue is included. The same applies if you run a B2B store and only send offers while the contract acceptance is then handled by your sales or ERP system. These revenues also count as sales. Exceptions are e.g. credit notes and cancellations, since these are not booked as revenue by you.
If your turnover changes, you can easily enter this yourself in your customer portal. To do this, select the active contract for which you want to adjust the turnover. Then enter the new turnover and press save. Our system will then guide you step by step through the necessary adjustments.
Our mission is to make our service accessible to everyone in the community — no matter the size of their business. That’s why we’ve chosen a revenue-based pricing model. If we had set a low flat rate, the service might have been affordable for everyone — except for us 🙂
On the other hand, a price high enough to sustainably fund our service would have been out of reach for many smaller merchants. With a dynamic, revenue-based model, smaller merchants pay less and larger ones pay more — making it fair for everyone and ensuring we can keep the service running for the whole community.
Let’s take a merchant with an annual revenue of €10 million as an example. In the most flexible plan (which can be cancelled monthly), the safefive service costs €1,040 per month. That amounts to €12,480 per year — just 0.1248% of the merchant’s annual revenue. In this context, the cost is relatively low compared to revenue.
For merchants who already know they won’t be switching to Shopware 6 or another system before 2026, the most cost-effective option is the two-year contract. This reduces the annual cost to €8,736 — which equals only 0.08736% of annual revenue.
It’s also worth noting that the safefive service fees can be deducted as a business expense, which helps reduce the overall tax burden.
After signing the contract, you will receive an email with a PDF containing all the important information. Billing is done in advance according to the contract type: monthly, annually, or every two years. You can pay your invoice by bank transfer or credit card.
Bank transfer:
If you wish to pay by standing order, please ensure that your contract number is included in the payment details so we can correctly allocate your payment. Also, please only set up the standing order after the invoice has been issued to avoid payments arriving before the invoice date. This helps us match your payment accurately.
Credit card:
Payments by credit card allow for automatic settlement of future invoices. You can delete the stored credit card information at any time.
Please note that direct debit payments are not accepted.
Yes, invoices can be addressed to a different billing address and sent directly by email to a separate email address. It is also possible to include a purchase order (PO) number or other reference information.
5. Technical Requirements and Compatibility
The system requirements are identical to those of your current Shopware version. However, please note that components like MySQL, PHP, Elasticsearch, etc., also follow their own release cycles and may reach end-of-life. Therefore, it is always recommended to use an up-to-date stack of software components.
We support Shopware 5 starting from version 5.5.0 and later. This means we support Shopware 5.5, 5.6, and also Shopware 5.7. If you’re unsure whether your Shopware version is supported, please feel free to contact us and we’ll be happy to assist you.
We always recommend using the latest PHP versions, such as PHP 8.2. However, safefive also supports older Shopware versions starting from Shopware 5.5 with their respective PHP versions. For example, Shopware 5.5 requires at least PHP version 5.6. It should be noted, though, that PHP 5.6 is no longer officially supported, so security updates for this version would need to be obtained and applied separately.
The safefive security plugin is available for free in the Shopware Store. Downloading it through the Shopware Store is required for the plugin to be visible and usable in the Shopware 5 admin area. The current version number in the Store, such as 1.02, indicates that it is the second release of the plugin.
Once you have an active contract, you will be notified by email when new security updates or compatibility patches are available. Then, a different version number will appear in the Shopware 5 backend—for example, 1.1.0 after the first security update. The second number (“1”) indicates that a security update has been released, while the first number marks the major version. The second number increases with each update.