Installing a security patch in Magento 2 is a critical task to keep your store safe from vulnerabilities. Below are the steps to properly install a security patch in Magento 2:

1. Prepare Your Environment

Backup Your Store

Before installing the patch, always back up your:

  • Codebase
  • Database
  • Media Files

Set Maintenance Mode

Enable maintenance mode to prevent users from accessing the store during the update.

php bin/magento maintenance:enable

2. Check Magento Version and Patch Details

Ensure that the security patch is compatible with your Magento version by reviewing the patch release notes provided by Adobe.

Download the Magento 2 security patch designed to address the identified vulnerability from the official Magento Security Center or GitHub. Adobe also provides the latest patches for both affected Adobe Commerce and Magento Open Source versions.

3. Install the Patch

  1. Upload the local patch file into the <Magento_root> on the server.
  2. Log in to the server and verify that the file is located in the correct directory.
  3. In the command-line interface, run the following command:

patch -p1 < patch_file_name.patch

The command assumes that the paths of the files being patched are relative to the location of the patch file. If the "File to patch" prompt appears in the command line, the intended file could not be found at the expected path. The prompt names the file it is looking for, and you can copy and paste the correct file path into it.

4. Clear Cache and Recompile

After applying the patch, you need to clear the cache and recompile the codebase:

php bin/magento cache:clean

php bin/magento setup:upgrade

php bin/magento setup:di:compile

Disable Maintenance Mode

If you enabled maintenance mode earlier, disable it after installing the patch so that you
can test the website and resume the customer experience.

Run the following command:
php bin/magento maintenance:disable

5. Verify the Patch

Check the specific files intended to be modified by the patch you have applied. To do this, follow the steps below:

  • Compare the patched files with the original files of the website to ensure the changes
    are applied correctly.
  • Open each modified file and check if the changes mentioned in the patch documentation
    are present in the file.
  • Ensure the modified lines or code sections match the changes specified in the patch. If
    you find discrepancies, it may indicate an issue with the patch installation.
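
The file-by-file comparison above can be scripted. This added example (not part of the original article and not Adobe tooling) parses a unified diff and reports, for each hunk, whether the file under the Magento root contains the patched lines, the original lines, or neither. The module path, file content and patch are constructed samples, and the script assumes patches that modify existing text files.

```python
import re
import tempfile
from pathlib import Path

HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+\d+(?:,(\d+))? @@")

def parse_hunks(patch_text, strip=1):
    """Return [(path, old_lines, new_lines)] per hunk; strip works like patch -pN."""
    hunks, path, lines, i = [], None, patch_text.splitlines(), 0
    while i < len(lines):
        line, i = lines[i], i + 1
        if line.startswith("+++ "):
            path = "/".join(line[4:].split("\t")[0].split("/")[strip:])
        if (m := HUNK.match(line)) and path is not None:
            old, new, need = [], [], [int(g or 1) for g in m.groups()]
            while i < len(lines) and (len(old) < need[0] or len(new) < need[1]):
                tag, text, i = lines[i][:1], lines[i][1:], i + 1
                old += [text] if tag in " -" else []  # context + removed lines
                new += [text] if tag in " +" else []  # context + added lines
            hunks.append((path, old, new))
    return hunks

def contains(body, run):  # True if the lines of run occur consecutively in body
    return any(body[k:k + len(run)] == run for k in range(len(body) - len(run) + 1))

def verify_patch(patch_text, root, strip=1):
    """Map 'path#hunk' to 'applied', 'not applied' or 'mismatch'."""
    report = {}
    for n, (path, old, new) in enumerate(parse_hunks(patch_text, strip), 1):
        target = Path(root, path)
        body = target.read_text().splitlines() if target.is_file() else []
        checks = [("applied", new), ("not applied", old)]
        checks.sort(key=lambda c: -len(c[1]))  # longer image first: it may contain the other
        report[f"{path}#{n}"] = next((s for s, run in checks if contains(body, run)), "mismatch")
    return report

SAMPLE_FILE = "<?php\nfunction check($v)\n{\n    return true;\n}\n"  # constructed sample
SAMPLE_PATCH = ("--- a/app/code/Acme/Demo/check.php\n+++ b/app/code/Acme/Demo/check.php\n@@ -2,4 +2,4 @@\n"
                " function check($v)\n {\n-    return true;\n+    return is_string($v);\n }\n")

def demo():  # states for the unpatched, patched and locally edited sample file
    with tempfile.TemporaryDirectory() as root:
        target = Path(root, "app/code/Acme/Demo/check.php")
        target.parent.mkdir(parents=True)
        states = []
        for value in ("true", "is_string($v)", "false"):
            target.write_text(SAMPLE_FILE.replace("true", value))
            states += verify_patch(SAMPLE_PATCH, root).values()
    return states
```

To check a real patch, pass the contents of the patch file and the Magento root directory to verify_patch and investigate any hunk reported as 'mismatch' or 'not applied'.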

6. Apply the Patch With Composer

To apply the patch with Composer, follow the steps below:

Step 1: Access SSH/FTP: Connect to the command line with SSH or FTP access, and
navigate to the Magento 2 root directory.

Step 2: Add a plugin: Add the cweagans/composer-patches plugin to the composer.json file.
composer require cweagans/composer-patches

Note: cweagans/composer-patches also helps create the custom patch with composer
installation.

Step 3: Edit the Composer file: Edit the composer.json file and add the following section to specify:

Module: “magento/module-payment”
Title: “MAGETWO-56934: Checkout page freezes when ordering with Authorize.net with invalid credit card”
Path to patch: “patches/composer/github-issue-6474.diff”

Locate the extra section in composer.json and add the patch entry under patches using
the above format.

"extra": {
    "composer-exit-on-patch-failure": true,
    "patches": {
        "magento/module-payment": {
            "MAGETWO-56934: Checkout page freezes when ordering with Authorize.net with invalid credit card": "patches/composer/github-issue-6474.diff"
        }
    }
}

You must create multiple patch files targeting multiple modules if a patch affects multiple
modules.

Step 4: Apply the patch: Run the following command from the application’s root directory. Use the -v option only if you want to see debugging information.
composer -v install

Step 5: Update the composer.lock file: The lock file tracks which patches have been applied to each Composer package in an object.
composer update --lock

7. Reverting the Security Patch in Magento 2

You may need to revert a security patch in Magento 2 because of an error or a problem with a
critical feature. Follow the steps below to revert the security patch:

Navigate to the Magento 2 installation root directory.
Run the following command to revert the same patch.

sh patch_file_name.sh -R

You will receive the message “Patch was applied/reverted successfully.”

8. Create a Custom Patch

To create a custom patch, open the terminal in your project's root directory.
Make the necessary changes in the file.

1. Using Git

If you are using Git in your project, you can create a patch file using the command below.
git diff path/original_File.php > sample_patch.patch

2. Using CLI

To create a patch file without Git, you must have two files: the original file and the
changed file. The simplest way is to copy the file to the same location and rename it.
Run the command below to create the patch file.

diff -u path/original_File.php path/changed_File.php > sample.patch

You can remove the changed file as it is not required anymore.