How to Install Magento SUPEE 10975 [With or Without SSH]

Yesterday, Magento released SUPEE 10975 containing functional fixes multiple security enhancements to provide the security against remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities. This release also provides support for PHP 7.2. We recommend all the Magento 1.x version users to install Magento SUPEE 10975 to integrate security enhancements and protect Magento stores from potential threats.

With nearing of Magento 1 end of life, it is strongly recommended to migrate to the latest Magento 2.4.8  rather than installing Magento SUPEE-10975.

The installation process for Magento SUPEE 10975:

There are 2 ways to install Magento Supee 10975 patches: with SSH or without SSH. Here I’ve come up with both the methods to easily patch your Magento.

1. Install Magento SUPEE 10975 using SSH:

Contact your hosting provider if you don’t know how to set up SSH. Download Magento SUPEE 10975 Patch files for your Magento Version from here.Upload the patch into your Magento root directory and run the appropriate SSH command:

For .sh file extension:

sh patch_file_name.sh

Example:

sh PATCH_SUPEE-10975_CE_v1.9.1.1_v1-2018-11-29-16-23-38.sh

For .patch file extension:

patch —p0 < patch_file_name.patch

For Linux OS or Ubuntu derived machines:

On Linux OS or Ubuntu derived machines, using sh will throw an error as sh is supposed to be used only with purely POSIX compliant scripts and Magento scripts are not 100% POSIX compliant. Instead, on Ubuntu and derived OSes such as Linux Mint, you should use

bash patch.sh

Note: After the command execution, refresh the admin cache under “System > Cache Management” to reflect the changes. It’s strongly recommended to test all the patches in a test environment before installing them in live.

2. Install SUPEE 10975 with PrePatched Files (without SSH method):

Download the zip file for your Magento Version for the patch installation. You can also download these Pre Patched files from GitHub. After downloading the files, just upload it to your Magento root folder.

How to check if Magento SUPEE 10975 has been installed correctly?

The best, quick and easiest method to check for the patches installed is using magereport.com.

Another way to check for the patches installed is, using SSH. Every installed patch can be found in your store content specifically logged in to app/etc/applied.patches.list.

So you can use the ‘grep’ command to access the list:

grep ‘|' app/etc/applied.patches.list

You’ll get output like this:

SUPEE-10975_CE_v1.9.1.1 | CE_1.9.1.1 | v1 | 7dfdae563272b93a8ac3469cbc62084b6b008b22 | Thu Nov 29 15:04:32 2018 +0200 | ce-1.9.1.1-dev

How to revert a patch if you are facing any issue?

Run the following SSH Command to revert your patch.

​​​​​​​sh patch-file-name.sh -R

Do let me know if you stuck somewhere while installing Magento SUPEE 10975 and I would be happy to help to solve it. Don’t forget to comment down your Magento version along with issue to help you out quicker and better.

Be aware that #Magento 1.9.4.0 and SUPEE-10975 removes the ‘ccsave’ payment method (Stored CC), and disables the admin backup utility.

— Ryan Hoerr (@ryanhoerr) November 28, 2018

We highly recommend upgrading your Magento to the latest version Magento 1.9.4.5 which includes all the security patches including SUPEE 10975. If you need any help regarding Magento Version Upgrade, Checkout our Magento Upgrade Service.

We can also help you install Magento SUPEE 10975 professionally, visit our Magento Security Patches Installation Service.