Magento Security Patches
From time to time Magento will release patches for security vulnerabilities or simply standard issue fixes. Applying Magento patches is relatively easy.
Before you proceed you will first need SSH Access, if you have not had it activated for your account please see Obtaining SSH Access.
Important Note: We highly recommend that you backup all your files first before proceeding with the patch. If possible, test all patches in a test environment first before taking them live.
Where to find Magento patches
1. Navigagte to Magento's Download Page.
2. Look for Magento Community Edition Patches.
3. Select and download the patch.
Installing the Magento patch
Transfer the patch .sh file to your Magento installation root directory.
Example: /public_html OR /public_html/magento
Via SSH enter the following command:-
You should receive a "Patch was applied/reverted successfully" message as confirmation. If you see any errors please contact our Technical Support Department.
Reverting a patch
- Change your Magento installation directory
- Via SSH enter the following command:-
sh patch-file-name.sh -R
Without SSH Access?
If you do not have SSH Access or have difficulty in obtaining it, we can help execute the command for you.
You need to first upload the appropriate patch file to your Magento installation, provide us with the path to it and we will execute the command for you.
We highly recommend that you backup all your files first before contacting our Technical Support Department.
Magento patches which are already installed
You can find out which Magento patches are already installed by looking at the following file under your Magento directory:-app/etc/applied.patches.list
If the file doesn't exist, that means no patches were ever installed in your Magento installation.
provides protection against several types of security-related issues, including remote code execution, information leaks and cross-site scripting
Fixes issues introduced with patch SUPEE-7405 February 23, 2016
A bundle of patches for Magento 1.x that resolve several security-related issues. January 20, 2016
Provides protection against several types of security-related issues, including remote code execution, information leaks and cross-site scripting. Oct 27, 2015
Addresses two issues related to APIs and two cross-site scripting risks. August 4th, 2015
Provides protection against several types of security-related issues, including information leaks, request forgeries, and cross-site scripting. July 7th, 2015
Addresses multiple vulnerabilities. May 14th, 2015
Addresses remote code execution vulnerability. Feb 9th, 2015
Fixes issue with product images. Nov 26th, 2014
Addresses 2 remote code execution vulnerabilities. Oct 3rd, 2014.
Was this answer helpful?
If you see a 503 Service Temporarily Unavailable error, go to the directory you install...
Important Note: The following tips on performance improvements have been tested to work properly...
With Magento version 1.8.x and 1.9.x, some users are facing issues where the Magento Cron Job is...
If you want to remove the “Add to Cart” buttons from the catalog pages, this is how...
We do not recommend clients to use the Magento Built-In Backup System (Magento Backup) as there...