Following the release of the Magento 2 Security Patch PRODSECBUG – 2198 and SUPEE 11086, proof-of-concept (POC) exploit was published, for SQL Injection vulnerability, giving the hackers a path to the database of your E-commerce sites! This provokes the urgency to patch your store NOW! You can either follow this blog post or contact us for instant help!
Security is of the foremost concern when it comes to Magento E-commerce store. Owing to this, the latest Magento SUPEE 11086 is released on March 26, 2019.
The security patch Magento SUPEE 11086 comes with fixes like close remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities.
Methods to Install Magento SUPEE 11086:
Each method in detail,
Contact your hosting provider if you don’t know how to set up SSH. Download Magento SUPEE 11086 Patch files for your Magento Version from here.
Upload the patch into your Magento root directory and run the appropriate SSH command:
For .sh file extension:1sh patch_file_name.sh
For .patch file extension:1patch —p0 < patch_file_name.patch
For Linux OS or Ubuntu derived machines:
On Linux OS or Ubuntu derived machines, using sh will throw an error as sh is supposed to be used only with purely POSIX compliant scripts and Magento scripts are not 100% POSIX compliant. Instead, on Ubuntu and derived OSes such as Linux Mint, you should use1bash patch.sh
Note: Once executed the command, refresh the cache in the Admin under “System > Cache Management” so that the changes can be reflected. We strongly recommend that you test all patches in a test environment before taking them live.
Download the zip file for your Magento Version for the patch installation. You can also download these Pre Patched files from GitHub. After downloading the files, just upload it to your Magento root folder.
How to revert a patch if you are facing any issue?
Run the following SSH Command to revert your patch.
sh patch-file-name.sh -R
For both the above methods, if you face any difficulties in the implementation, feel free to post them in the Comments section below. I’ll help you out.
Moreover, have you faced an issue of Magento logging failed after installing SUPEE 11086 patch?
This is because log validation function added by Magento to validate extensions. It throws an error on is_readable() function in the case log file does not exist yet.
Moreover, if you don’t want to be left out in availing the latest features such as Page Builder, PWA Studio, and much more, migrate your store to the latest Magento 2 version. You can order professional help using Magento 1 to Magento 2 Migration Service.
If this post helped you secure your store, do not forget to appreciate it with 5-star ratings!