How to Install a Security Patch in Magento?

If you are concerned about the security of your Magento store, install time to time security patches as in when released by Magneto. Here we are going to see how to install a security patch in Magento.

There are 3 methods to install a security patch in Magento; if you are not that techie, Hire a Magento developer or consult a good agency that offers Magento technical support services.

Before you start it is always advised to take a up to date back up of your Magento store, also we recommend scheduling such security patch updates when you have less website traffic.

Method 1 : Installing Magento Security Patch Using SSH

Secure Shell (SSH) is the recommended way to install a patch. If you don’t know how to set up SSH, contact your hosting provider.

i) Upload the patch files to the root of your [Magento] installation folder.


ii) If the store is compiled, make sure the compiler is disabled


iii) In the SSH console, run the following commands according to the patch extension:


.sh extension


patch –p0<patch_file_name.patch

.patch extension

Method 2 : Installing Magento Security Patch by running a Script.

The following example shows how to install the patch. Make sure to replace the patch name in the example with the name of the patch file to be installed.

  1. Upload the patch files to the root of your [Magento] installation folder.
  2. If the store is compiled, make sure the compiler is disabled.
  3. From your desktop, do the following:

a) Use a text editor to create a file named patch.php that contains the following script.





echo “Done”;


b) Upload the patch.php file to the root of your [Magento] installation folder.

  1. Run the script from your browser.


Then, look for the following message:

Checking if patch can be applied/reverted successfully…

Patch was applied/reverted successfully.


  1. After the patch is successfully installed, delete the patch.php file from your server.

If you receive the following error, either ask your hosting provider to install the missing tools, or try one of the other methods.

“Error! Some required system tools, that are utilized in this sh script, are not installed; Tool (s) “patch” is (are) missed, please install it(them).

  1. Refresh your cache from the Magento Admin, Don’t forget to refresh your OPcode or APC cache as well.                                                                                                                                                                                   
  2. If your store is compiled, rerun the compiler.

Method 3 : Installing Magento Security Patch  by Uploading  Pre-Patched Files

1. Download your Magento installation to your local machine.
2. Apply the patch locally.
3. Upload the updated files to your server.

Reverting an Installed Patch

Occasionally it is necessary to uninstall a patch. The command to revert a patch is essentially the same as the command that is used to install a patch, but with the addition of the -R flag.


  1. Before you begin, make sure that you have appropriate permissions to the Magento installation directory on the server. If the directory is owned by a web server user such as apache or root, change to the appropriate user to ensure that you have the necessary permissions. For example:

su – apache

Then when prompted, enter the password.



    1. Change to your Magento installation folder.b6


    1. On the command line, enter the following command to revert the patch:b7


    1. Use either of the following methods to verify that the patch was installed:


Download or view the file: app/etc/applied.patches.list.b8


From the command line, run the patch file with the –list argument for a report of all patch installations. b9

–list argument


Exinent has been in the forefront of Magento Consulting, Development, Migration, Support, and Maintenance since the past decade. We have successfully scripted success stories for hundreds of eCommerce stores. If you wish to discuss on Custom Magento Development, Migration, Consulting, Security, Speed & Checkout optimization and Audit services, do Contact Us and we will be glad to help you.