How to Install Magento Security Patches
Tags
security patches magento installation

Magento 2 security patches address known security vulnerabilities in the platform by updating and fixing the software. Magento 2 stores need these patches to ensure security and integrity.

What are security patches in Magento 2?

 

A security vulnerability can originate from many sources, including code vulnerabilities, data leaks, potential exploits, or weaknesses in the underlying software infrastructure. To protect your online store and customer data, it is crucial to stay up-to-date with security patches to prevent hackers from exploiting vulnerabilities in popular software like Magento.

We’ve seen many Magento sites get hacked, with dire consequences. Aside from angry customers, merchants are faced with the difficult and expensive task of removing all the malicious code. It’s much easier to apply patches as they are released than to clean up the mess afterwards.

Magento releases patches when it finds any defenselessness in the framework to make framework more secure, recently launched the patches on Nov 26, 2014 and Feb 9, 2015, It is especially prescribed to introduce the patch as quickly as time permits in light of the fact that your Magento store can be helpless till then and programmer can hack your information data. In this article we learn about How to Install Magento Security Patches.

I have covered the installation fo following patches but you can install other using the same method:

SUPEE 1533
SUPEE 5344
SUPEE 5994
SUPEE 6285
SUPEE 6482
SUPEE 6788
SUPEE 7405

Installation Steps for these Patches:

 

There are two ways to install patches: either by using SSH or by using FTP/cpanel. Some hosting providers don’t provide the SSH access for your plan. If not, you can FTP the files up to the site.

Cache Management: Make sure all caches are disabled from Cache Management in your store before installing patches.

Compilation: Make sure compilation has been disabled in your store before installing patches. If you haven’t disabled the compiler and installed the patch, test everything and run the compiler to again. The compiler must be run in order for the patches to take effect.

I have explained about how to install Magento security patches with both ways here:

Follow this instruction to install Magento security patches,
Method 1:

Upload patch files in the root of magento.
Make one file with the name of patch.php, write following code in it,

<?php
	print("<PRE>");
	passthru("/bin/bash PATCH_SUPEE-5344.sh");
	print("</PRE>");
	echo "Done";
?>

Replace the file name in it, upload it in the root and run the file from the browser.

Name should be PATCH_SUPEE-5344.sh or PATCH_SUPEE-1533.sh

If you are getting error like this,

“Error! Some required system tools, that are utilized in this sh script, are not installed; Tool (s) “patch” is (are) missed, please install it(them).

That means system tools aren’t installed in your server to run the sh script, you can contact your hosting provider or follow another method.

Method 2:
You can install patch with SSH as well. You will need SSH, if you don’t know how to set up SSH, contact your hosting provider.

Upload the patch files in the root,
In ssh console, run the command as following.

For .sh file extension

Sh PATCH_SUPEE-5344.sh

Sh PATCH_SUPEE-1533.sh

For .patch file extension:

patch —p0 < patch_file_name.patch

Make sure to check your store for vulnerabilities after the patch installation process is completed. Magento’s Security Patch Page provides a list of signs to look for to determine whether or not your store is comprised.

Mageefy offers all types of Magento Extension with Best Prices. Free Feel to contact mageefy@gmail.com