Our Blog Posts

Step By Step Guide on How to Update Security Patches in Magento 2

step by step guide on how to update security patches in Magento 2

Magento 2 is now one of the top leading eCommerce platform for shop owners and online retailers. Most of the big brands in the world use Magento for their e-business because of its flexibility, reliability and open-source nature.

Many of the leading online businesses and even small retail businesses are migrating from other ecommerce platforms to Magento because of its wide range of inbuilt functionalities, high scalability and continuous growth in development.

With new version there are some updates and security patches are also being released along with Magento version upgrades. Magento has released many security patch updates for Magento 1 version and there are few security patches released for Magento 2 version as well since January 2016.

Here’s a step by step guide on how to update security patches in Magento 2:

Backup

Before you start working on any security patch update first thing you want to do is take full backup of your Magento store. Take backup of store files and database using your server’s control panel or SSH otherwise consult your hosting provider for the help. You can revert to your backup if any of the steps break your website or causes data loss.

Disable Cache

Make sure that Magento cache is disabled so that you don’t have to clear the cache while you are installing security patch. This will save you a lot of time.

To disable cache is to go to Admin → System → Cache Management → select all cache types and disable them.

Developer Mode

Ensure that your Magento store is in developer mode so that all changes are reflected in real time and you can view any errors you come across while patch update.

For this you have to run commands from terminal using SSH access. Login to your Magento store SSH account and go to Magento root directory and run below command:

Download Security Patch

We have listed all the security patches below with their download links for you.

  • MAGETWO-67805
  • This is a hotfix applicable to Magento 2.1.6 CE for image resizing issue fix. It is recommended to upgrade to 2.1.7 which contains this fix.

    https://magento.com/tech-resources/download#download2011

    Download the patch from above location and go to your Magento root directory and extract the archive. After that just run below command to apply the patch:



  • MDVA-532
  • This patch is for fixing issue of Magento composer-installer component which causes upgrades to fail.

    https://magento.com/tech-resources/download#download1892

    To apply this patch download from above and extract the files to your Magento root directory and thenat same directory and edit the file “composer.lock” and change following line from:

    “type”: “magento2-module-customer-balance”,

    to:

    “type”: “magento2-module”,

    and save the file. After that you have to clear these directories with below commands:

    rm -rfvar/cache/* var/page_cache/* var/generation/*



  • MDVA-449
  • This patch has fix for potential upgrade issues for Magento CE installations running PHP 5.5.x and a specific version 10.0.1 of the Magento Setup application.

    https://magento.com/tech-resources/download#download1883

    You need to extract downloaded archive of patch to /update directory on your Magento root directory using SSH logins. Then run below commands:



  • MDVA-84
  • This patch is applicable if you are running Magento CE 2.0.1 and hosting server runs PHP 7.0.1 or 7.0.2 which causes error trying for Magento upgrade.

    https://magento.com/tech-resources/download#download1890

    You can resolve this issue if you upgrade your Magento version to 2.0.2 which contains this patch. First extract downloaded archive of patch to /update directory on your Magento root directory using SSH logins. Then run below commands:





Deploy

Last but not the least, we have to run below commands to deploy the files we for security patch to take effect so that its usable on Magento store. Login to your Magento store SSH account and go to Magento root directory and run below command:



Now that all the security patches are updated, verify the Magento store front and Admin that your website is running smoothly and everything is working fine without any broken pages or functionality.

When you have verified the security patches, now it’s time to enable all the caches. Go to below path in Admin:

  • System -> Cache Management
  • Select all Cache type than Select Enable from Actions dropdown and click on Submit button to activate the cache.
  • If you had any server cache disabled then turn them on as well and check the front is working fine on that as well.

That’s it. Feel free to contact us and our Magento 2 Experts would be happy to help you.

Share

Want To Double Your Website Sales?

Get Free Website Audit Report To Find Out Improvements Required
Please leave this field empty.

Your Privacy is 100% Assured. Your Details Will Never Be Shared With Anyone

Want To Double
Your Website Sales?
DMCA.com Protection Status