How to apply and revert a Magento security patch on a Linux VPS


magentoMagento is one of the most popular open-source eCommerce platforms and it is used by thousands of merchants worldwide. It provides a variety of enterprise-class features, but one thing that makes Magento a favorite over its competition is the security. To resolve a variety of security issues, Magento support releases security patches that should be applied to the Magento installation. Today, we are going to show you how to apply and revert a Magento security patch on a Linux VPS.

First of all, you need to determine the Magento version you have been using for your store. The easiest way to do this is to log in to your Magento Admin Panel and scroll down to the bottom of the Admin Panel. You can find the Magento version in the footer.
Once you found out which Magento version you are using, you need to proceed and download the latest security patch on your VPS. If you are using the Magento Community Edition, you can download the latest security patches from:

https://www.magentocommerce.com/download

Locate the patch you need to install and download the patch on your local machine or on your Linux VPS. Before you can apply the security patch on your Magento installation, you need to transfer the file in your Magento installation root directory. Please note that the patch file name should end up with .sh.

Next, connect to your VPS via SSH and navigate to your Magento installation root directory. Locate the security patch you have downloaded and execute the command:

sh patch-name.sh

Please do not forget to replace patch-name.sh with the actual name of the security patch you have downloaded from the Magento Commerce download page. In general, you should execute this command as root user.
After few moments you should receive a confirmation message that your security patch has been successfully applied to your Magento installation. The message should look like the following:

Patch was applied/reverted successfully.

The last thing you need to do is to reapply the ownership of the files. For example, if the Apache web server user is the owner of you Magento files you should execute the following commands:

For Ubuntu VPS:

chown -R www-data: .

For CentOS VPS:

chown -R apache: .

After completing this step, you are done.
In some cases, you may experience difficulties with applying the security patch and it may result in errors. Therefore, you may need to revert the patch. To revert the patch you need to execute the following command:

sh patch-name.sh -R

Again, do not forget to replace patch-name.sh with the actual name of the security patch you have applied.

Of course you don’t have to do any of this if you use one of our Linux VPS hosting services, in which case you can simply ask our expert Linux admins to apply or revert the Magento security patch for you. They are available 24×7 and will take care of your request immediately.

PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

Tips and Tricks
How to check data integrity using md5sum under GNU/Linux
Tips and Tricks
7 basic tips to improve Apache security
Tutorials
Install CakePHP 3.0 on a CentOS VPS