How to Install SUPEE 6788 – The Step-by-Step Process
You must have heard about Magento’s new release SUPEE 6788 for the 10 vulnerabilities for Remote Code Execution and personal information leak issues.
It is a new patch which has no relation to the Guruincsite malware issue. An ideal way to install this patch is to first try it in a development server prior to installing it to the live website.
Installing SUPEE 6788 is easy; all you need doing is to first upgrade your Magento to the latest version 18.104.22.168.
It must be known that SUPEE 6788 installation can be done with SSH or without SSH as required. Here, we will understand the step-by-step process for installing the new patch with SSH.
Installing SUPEE 6788 with SSH…
Before you proceed, you need to check few things as given below –
- First, check if your theme has a custom customer/form/register.phtml or custom persistent/customer/form/register.phtml. If yes, then ensure that it also includes a form_key.
- Never use non-standard variables in CMS pages, email templates or static blocks.
- If you run Magento cron through HTTP using Apache, there is a new access control on cron.php which helps you change the .htaccess in order to include your local IP.
- Use cron.sh or call cron.php through CLI PHP. Also, you have to be sure that all your extensions are using the new admin routing
- Ensure that you have your server’s SSH access in order to install this new patch
- Ensure that compiler on your Magento store is not enabled by going to SYSTEM > CONFIGURATION > TOOLS > COMPILATION
Let’s now take a look at the steps in detail –
- Prepare for Magento patch installation.
- Next, you have to download the patch from Magento’s official website for the Magento version you are deploying.
- Now, using Cpanel or FTP, upload the patch in Magento’s root directory.
- After that, use SSH to connect your server. Next, navigate to that root where Magento is installed. Run the patch command given below –
According to your Magento version, alter the version in the command. However, using Magento 1.9 may cause hunk failed issue and so you can use Magento 1.8 in the command.
Following command should be used for patch files that have file extension .patch –
patch –p0 < patch_file_name.patch
- Manually add following code at your .htaccess file’s bottom
- Make sure that the Secured Admin routing for extensions is disabled by default. Also ensure completing all the changes related to the 3rd party extension and custom Magento development.
- Now, you can do following –
- Uninstall 3rd party extensions and ask the extension developer to provide you support or upgrade the extension package.
- If required, follow the Magento guide and make modifications in 3rd party extensions and custom development
- Next, if you have verified those, you can easily enable the Secured Admin routing.
- You can visit https://www.magereport.com/ to test your patch installation
- Microsoft Sharepoint2018.03.30How to Select the Best between SharePoint Server and SharePoint Online
- SharePoint Hosting2018.03.22Avoid SharePoint Compliance Risk by implementing a Robust Information Governance Plan
- Dedicated Hosting2018.03.20Guide to Selecting the Best between Office 365 Hosting and Hosted Exchange
- QuickBooks2018.03.07Boost Up Your Accounting Performance with Managed QuickBooks Support Services