How to Install a Security Patch in Magento?
If you are concerned about the security of your Magento store, install time to time security patches as in when released by magneto. Here we are going to see how to install a security patch in Magento.
Before you start it is always advised to take a up to date back up of your Magento store, also we recommend scheduling such security patch updates when you have less website traffic.
Method 1 : Installing Magento Security Patch Using SSH
Secure Shell (SSH) is the recommended way to install a patch. If you don’t know how to set up SSH, contact your hosting provider.
i) Upload the patch files to the root of your [Magento] installation folder.
ii) If the store is compiled, make sure the compiler is disabled
iii) In the SSH console, run the following commands according to the patch extension:
Method 2 : Installing Magento Security Patch by running a Script.
The following example shows how to install the SUPEE_9767.sh patch. Make sure to replace the patch name in the example with the name of the patch file to be installed.
- Upload the patch files to the root of your [Magento] installation folder.
- If the store is compiled, make sure the compiler is disabled.
- From your desktop, do the following:
a) Use a text editor to create a file named patch.php that contains the following script.
b) Upload the patch.php file to the root of your [Magento] installation folder.
- Run the script from your browser.
Then, look for the following message:
Checking if patch can be applied/reverted successfully…
Patch was applied/reverted successfully.
- After the patch is successfully installed, delete the patch.php file from your server.
If you receive the following error, either ask your hosting provider to install the missing tools, or try one of the other methods.
“Error! Some required system tools, that are utilized in this sh script, are not installed; Tool (s) “patch” is (are) missed, please install it(them).
- Refresh your cache from the Magento Admin, Don’t forget to refresh your OPcode or APC cache as well.
- If your store is compiled, rerun the compiler.
Method 3 : Installing Magento Security Patch by Uploading Pre-Patched Files
1. Download your Magento installation to your local machine.
2. Apply the patch locally.
3. Upload the updated files to your server.
Reverting an Installed Patch
Occasionally it is necessary to uninstall a patch. The command to revert a patch is essentially the same as the command that is used to install a patch, but with the addition of the -R flag.
- Before you begin, make sure that you have appropriate permissions to the Magento installation directory on the server. If the directory is owned by a web server user such as apache or root, change to the appropriate user to ensure that you have the necessary permissions. For example:
su – apache
Then when prompted, enter the password.
- Use either of the following methods to verify that the patch was installed: