How to Install Magento Security Patch Without SSH Access

Magento has released security patches to make the system more secure. Though it has been a while since the security patches have been released, We have noticed that number of Magento website owners have not get time to install all the security patched to make their website secure, Either they don’t know how to install the patches on their own or they don’t have a Magento development company that can help effectively

It is very much important to install the patch as soon as possible because your Magento store can be vulnerable till then and hacker can hack your data information.

The important thing is now how to install the patches for the Magento website, here we have provided simple step by step guide with screen shots to apply patches on your magento website.

You can install the patches using ssh or FTP/Cpanel. Some hosting providers don’t provide ssh access for some hosting plans so here is the detailed guide on how to install the patches without having need of ssh access.

Before you start working on any security patch update, first thing you want to do is take full backup of your Magento store. Take backup of store files and database using your server’s control panel or SSH otherwise consult your hosting provider for the help.

After you have taken the backup start following below step by step guide:

1. First disable the Compilation from admin if Compilation is enabled otherwise it will break your store’s architecture and functionality. Go to below path for Compilation

• System -> Tools -> Compilation

• If it is Enable then Disable it.

2. After that, disable any cache if it is enabled. To disable the Magento caches follow below path in Admin.

• System -> Cache Management

• Select all Cache type than Select Disable from Actions dropdown and click on Submit button.

• Note: If you have any server caches enabled then disable that as well so that any changes reflect directly on the website. Contact your hosting provider for any help.

3. Next thing is we have to find out which patches are required on your Magento store to update, for that go to below link and put your website url, it will show you exactly which patches are missing.

• https://www.magereport.com/

4. When you have the list of security patches your Magento store requires, you can go to below site and download the specific security patch from there.

htts://magentary.com/

• Note: Confirm your Magento version than download patches. You can check your Magento version by logging into admin and find it at footer.

We have listed some of the latest security patches below with their download links for you.

• SUPEE-10752

https://magentary.com/kb/install-supee-10752-without-ssh/

• SUPEE-10570

https://magentary.com/kb/install-supee-10570-without-ssh/

• SUPEE-10415

https://magentary.com/kb/install-supee-10415-without-ssh/

• SUPEE-10266

https://magentary.com/kb/install-supee-10266-without-ssh/

• SUPEE-9767

https://magentary.com/kb/install-supee-9767-without-ssh/

• SUPEE-9652

https://magentary.com/kb/install-supee-9652-without-ssh/

• SUPEE-8788

https://magentary.com/kb/install-supee-8788-without-ssh/

• SUPEE-8167

https://magentary.com/kb/install-supee-8167-without-ssh/

• SUPEE-7405

https://magentary.com/kb/install-supee-7405-without-ssh/

• SUPEE-6788

https://magentary.com/kb/install-supee-6788-without-ssh/

• SUPEE-6482

https://magentary.com/kb/install-supee-6482-without-ssh/

• SUPEE-6285

https://magentary.com/kb/install-supee-6285-without-ssh/

• SUPEE-5994

https://magentary.com/kb/install-supee-5994-without-ssh/

• SUPEE-5344

https://magentary.com/kb/apply-supee-5344-and-supee-1533-without-ssh/

• SUPEE-3762

https://magentary.com/kb/apply-supee-3267-without-ssh/

5. After you have downloaded the security patches extract the archive and only thing remain is to upload it using FTP client or SSH or your hosting control panel by following below points:

Note:

• Start with the oldest dated security patch which is lowest in number.
• Upload the patches one by one and make sure that you upload latest security patch update 8788 at last. You can find date of release of each patch on above links.
• Make sure that patches are uploaded from root folder of store where directories like app, lib, media, skin etc are present. You just have to match the directory structure of your Magento store and downloaded security patch structure.
• Never replace .htaccess or any root files.
• For specific patch SUPEE-8788 you have to delete below files after its successful uploaded as in that patch Magento has replaced its Admin Uploader.

skin/adminhtml/default/default/media/flex.swf

skin/adminhtml/default/default/media/uploader.swf

skin/adminhtml/default/default/media/uploaderSingle.swf

6. Now that all the security patches are updated verify the Magento store front and Admin that your website is running smoothly and everything is working fine without any broken pages or functionality.

7. If everything works well and your site is running as it was before then go to below link again to verify that all the patches are updated and shows Green status.

• https://www.magereport.com/
• Note: If it shows a patch in Gray color then it couldn’t decide if the patch is installed or not. You have to confirm manually that the patch was installed successfully.

8. When you have verified the security patches now it’s time to enable all the caches. Go to below path in Admin

• System -> Cache Management
• Select all Cache type than Select Enable from Actions dropdown and click on Submit button to activate the cache.
• If you had any server cache disabled then turn them on as well and check the front is working fine on that as well.

9. Now the last thing is to enable the compilation if it was disabled on the 1st step. Go to below path in Admin

• System -> Tools -> Compilation
• Run Compilation Process and then Enable it.

That’s it. If you face any problems during the process, Please feel free to contact us and our magento ecommerce developer will help you real quick