How to Install Magento SUPEE 11219 [With or Without SSH]

Magento keeps releasing security patches on regular intervals to keep your Magento stores safe against vulnerability and threats. Owing to this, today Magento released Magento SUPEE 11219  along with the Magento 1.9.4.3 version which provides resolution to multiple critical security issues. These security enhancements help secure your Magento stores from remote code execution, cross-site scripting, cross-site request forgery, and other vulnerabilities.

We recommend all the Magento 1.x users to upgrade to the latest Magento 1.9.4.3 or install the patch Magento security patch 11219 to secure your Magento stores from potential threats.

Issues Fixed:

• Remote code execution via file upload in admin import feature
• Remote code execution via crafted support configuration modification
• Remote code execution via product layout update
• Insufficient logging and monitoring of configuration changes
• Cross-Site Scripting via WYSIWYG editor
• Sensitive information available in HTTP requests

Methods to Install Magento SUPEE 11219:

1. Using SSH
2. Without using SSH

Each method in detail,

Method 1: Install Magento SUPEE 11219 with SSH

Contact your hosting provider for help with setting up SSH.
Download Magento SUPEE 11219 Patches files for your Magento Version from here.

Upload the patch into your Magento root directory and run the appropriate SSH command:
For .sh file extension:

Example:

For .patch file extension:

For Linux OS or Ubuntu derived machines:

On Linux OS or Ubuntu derived machines, using sh will throw an error as sh is supposed to be used only with purely POSIX compliant scripts and Magento scripts are not 100% POSIX compliant. Instead, on Ubuntu and derived OSes such as Linux Mint, you should use

Note: Once executed the command, refresh the cache in the Admin under “System > Cache Management” so that the changes can be reflected. We strongly recommend that you test all patches in a test environment before taking them live.

Method 2: Install Magento SUPEE 11219 without SSH

Download the zip file for your Magento version. You can also download these PrePatched files from Github. Once you download these files, just upload it to your Magento root folder.

How to check if Magento SUPEE 11219 has been installed correctly?

Check if the steps to install Magento SUPEE 11219 has been implemented correctly or not using magereport.com

Another way to check for the patches installed is, using SSH. Every installed patch can be found in your store content specifically logged in to app/etc/applied.patches.list.

So you can use the ‘grep’ command to access the list:

You’ll get output like this:

How to revert a patch if you are facing any issue?

Run the following SSH Command to revert your patch.

For both the above methods, if you face any difficulties in the Magento SUPEE patch installation, feel free to post them in the Comments section below. I’ll help you out. Don’t forget to comment down your Magento version along with the issue to help you out quicker and better.

Follow Magento StackExchange to find the possible issues related to Magento SUPEE 11219 and their solutions.

We highly recommend upgrading your Magento to the latest version Magento 1.9.4.3 which includes all the security patches including SUPEE 11219. If you need any help regarding Magento Version Upgrade, Checkout our Magento Upgrade Service.

We can also help you install Magento SUPEE 11219 professionally, visit our Magento Security Patches Installation Service.

With nearing of Magento 1 end of life, we recommend you to migrate your older Magento 1.x stores to the latest Magento 2.3.3 version and enjoy the latest features such as Page Builder, PWA Studio, and much more. If you are not much a Magento 2 guy, have a look at our Magento 2 Migration Service to get our professional help in the Magento 1 to Magento 2 migration.