Magento patches – why and how you need to install them

This article will cover the following topics

  • What are patches? What types can we distinguish?
  • Why are patches important?
  • Magento patches and their significance
  • Patches or version updates?
  • How to install patches under Magento 1 and Magento 2?
  • Checking patches
  • To install or not to install?
  • Conclusion


What are patches?

Service packs: While developing a software application, it often happens that the developers have to make modifications that were not planned originally. After the application is launched, the software developers fix errors, missing data issues, security vulnerabilities (i.e. bugs), occurring later on, by way of software updates.


These service packs include the whole set of the fixed files, while in the case of open source software solutions, patches are used including only those files that hold modified data. Magento officially releases patches for bug fixes.


Magento patches logo


The advantage of patches is that with modifying only the necessary code lines, they can be compatible with earlier software versions at the same time. Their drawback, on the other hand, is that some expertise and experience is needed to apply them.

So it can happen that service packs can be even larger than the overall file size of the original application, while a patch comprises only the modifications, and these modifications include such executable files that automatically modify the files of the application.

It is a basic condition that both patches and service packs are to be used only for a given version of an application. This is usually included in the name and description of the pack.


Magento patch illustration

Why are patches important?


tips HINT: Generally, we fix flaws, data missing errors or security vulnerabilities of applications with patches and service packs. Therefore it is of utmost importance to follow the releases of service packs via newsletters, RSS web feed, social networking sites or the notification board within the application (e.g. admin page). The patches and service packs can be of unofficial, security and hot types.


[bctt tweet=”Keeping in mind dealing with Magento Patches is crucial for your e-store performance.” username=”aionhill”]



Magento patches security center


The most significant ones are the security fixes because these help to protect your application effectively handling security vulnerabilities. When a security fix is released for your software, then it should be installed as soon as possible. Please note that these security fixes should be installed only from a reliable (official) source, as other sources may provide harmful patches.

Hot (dynamic software development) type fixes can be installed even when your application is running, as they do not cause system errors, restart or system crash.

Fixes from unofficial sources are not commercial fixes of a commercial application. These are such fixes that a third party released with the consent of the original developer company.


Magento patches and their significance

Magento, and basically all major ecommerce software developer companies with a large user base, notify their users if a new update or version is launched. You get these notifications in their newsletters (if you have a registered account) or you can see them when logging in to the admin panel.


Magento patches message box magento1

Notifications in Magento 1 admin panel


Magento Patches system message magento2

Displaying notifications in Magento 2 admin panel


The Community Edition patches can be downloaded from Magento’s official site by going through the following steps:

  1. Log in to your account at
  2. Click on My Account in the upper right section. If you don’t have an account, create one by registration – this is totally free of charge.
  3. Select the patch you want to install under Magento Community Edition Patches.
  4. Select your own CE version from the list seen next to the given patch.
  5. Click on Download.
  6. When downloading is finished, installation can start.


The Enterprise Edition patches can also be downloaded from Magento’s official site. Please follow these steps:

  1. Log in to your account at Click on My Account in the upper right section.
  2. Select Downloads on the left panel.
  3. In the right side section, click on Magento Enterprise Edition.
  4. Select Support Patches.
  5. Find the patch you need.
  6. Click on the appropriate version number (that you use).
  7. When downloading is finished, installation can start.



Magento Patches downloads section my account

Magento EE patches downloads section


Patches or version updates?

Magento indicates on its downloads site what kind of patches the different software versions include. Therefore we can have two options for implementing the fixes:

  • Patch integration
  • Upgrading the whole software version


You also need to know that new versions, apart from fixes, contain other new and modified functions that – especially when upgrading to significantly higher versions – may “break” your presently functioning online store. When creating security fixes, Magento’s developers always aim to modify the code to the least extent necessary, so after implementing patches, there’s a big chance that your ecommerce store will function just the same. If the patch includes some error of incompatibility with earlier versions, the patch developer informs users about it with the given patch or during version upgrade.


How to install patches under Magento 1?

It is possible to download the latest version of Magento as a single set, which includes previous patches as well, and overwrite your existing Magento version with it, no matter which version you have at the moment. As we assume that your Magento developers used proper modular extensions and left the extended Core files untouched, no problem should arise in this respect.

But here’s a little problem, let’s take a look at the installation of Magento (2016-02-23): 109.4 MB, 14,310 files, compressing of the ZIP file of 33.5 MB takes nearly 1 minute! If you want to upload these files to your server, depending on connection speed, it can take even half an hour and if you want to make comparisons in the meantime, uploading may take hours. This is far from ideal.

The patch sizes are small (from a few kB to several hundred kB), which change only the necessary code lines in the files. These sequential files perform the tasks step by step and complete “patching”.

If you choose this solution, take special care of checking which version of Magento you use at the moment and run the patch files that correspond to it.


# 9. Track patch applying result
echo "Patch was applied/reverted successfully."

exit 0

SUPEE-6482 | CE_1.9.2.0 | v1 | | Tue Jul 14 14:17:04 2015 +0300 |

diff --git app/code/core/Mage/Api/Model/Server/Adapter/Soap.php app/code/core/Mage/Api/Model/Server/Adapter/Soap.php
index 0f9a3fa..1ac0d57 100644
--- app/code/core/Mage/Api/Model/Server/Adapter/Soap.php
+++ app/code/core/Mage/Api/Model/Server/Adapter/Soap.php
@@ -233,9 +233,9 @@ class Mage_Api_Model_Server_Adapter_Soap
 : $urlModel->getUrl('*/*/*');
 if ( $withAuth ) {
- $phpAuthUser = $this->getController()->getRequest()->getServer('PHP_AUTH_USER', false);
- $phpAuthPw = $this->getController()->getRequest()->getServer('PHP_AUTH_PW', false);
- $scheme = $this->getController()->getRequest()->getScheme();
+ $phpAuthUser = rawurlencode($this->getController()->getRequest()->getServer('PHP_AUTH_USER', false));
+ $phpAuthPw = rawurlencode($this->getController()->getRequest()->getServer('PHP_AUTH_PW', false));
+ $scheme = rawurlencode($this->getController()->getRequest()->getScheme());
 if ($phpAuthUser && $phpAuthPw) {
 $wsdlUrl = sprintf("%s://%s:%s@%s", $scheme, $phpAuthUser, $phpAuthPw,
diff --git app/code/core/Mage/Catalog/Model/Product/Api/V2.php app/code/core/Mage/Catalog/Model/Product/Api/V2.php
index ff71ec5..46fc492 100644
--- app/code/core/Mage/Catalog/Model/Product/Api/V2.php
+++ app/code/core/Mage/Catalog/Model/Product/Api/V2.php

Example: SUPEE-6482_CE_1.9.2.0_v1 sh file


Step by step installation of a .sh patch file

You can install a patch of .sh extension following the steps described below. If the file has a .patch extension, please first ask for assistance from Magento Support.


1) Copy the .sh file to the Magento install root directory.



2) Give the following command under a user who can (authorized to) write Magento files:

If the patch has been installed successfully, you’ll get a message like this:

Patch was applied/reverted successfully.


3) After installation you need to regain authority over the modified files:

A) Find the user of the webserver:

ps -o "user group command" -C httpd, apache2

The value at the USER column indicates the webserver user.

B) Give the following command as a root user in the Magento install root directory:

chown -R web-server-user-name .


Follow every further instruction that Magento Support has given you.


Cancelling a patch

If patching has been unsuccessful, follow the steps below and contact Magento Support:

  1. Go to the Magento install root directory.
  2. Give the following command under a user who can (authorized to) write Magento files:
sh -R


How to install patches under Magento 2?

Installation of Magento 2.0.4 (2016-03-31): 224 MB, 41,458 files, compressing of the ZIP file of 69.4 MB takes 2-3 minutes! If you want to upload these files to your server, depending on connection speed, it can take even an hour and if you want to make comparisons in the meantime, uploading may take several hours. This, as we have seen at version, is far from ideal.

With Magento 2, you can download updates with the help of the Composer or from GIT repository and install from the command line. telepíthetjük parancssorból. During the installation process, you can update your system step by step using a guide.


How can you check if the patches have been installed?

After the installation of patches and service packs have been finished it is important to check whether it has been done properly. We recommend two methods:


  1. Enter the URL of your Magento store at You will get a detailed analysis indicating what kind of service packs and patches are installed and what types of further fixes you may need.
  2. By identifying the code sections in the .sh file, you can check if updating of the code base has been executed or not.


Why is it risky not to install patches?

The Magento community works hard to make online stores around the world fully functional meeting all customer and user requirements and to eliminate every kind of security issue. We know that even though there is a lot of testing, some problems arise only when you use the live system.

Patches can solve these problems quickly, and, additionally, later versions will include these fixes so that users can install more stable and safer versions all the time. This whole fixing process can take some time because as there are more and more users with a growing number of needs, more flaws and deficiencies, which were not an issue before, may now come to the surface.


Let’s see an example for a Magento security patch:



This patch was released on 19 February 2015, reported by Netanel Rubin. You can read its detailed description by clicking the link above. It affects all versions of Magento CE prior to and Magento EE prior to

It is a security patch which prevents creating admin users or installing malware by using an extra parameter in the redirection system of the administrative page. The “Severity” value of the patch is 9.1 (Critical), which means that without it your e-store is in danger because someone who knows about this vulnerability, can have total control over the store!

If you think about what tremendous amount of information can be obtained through the admin panel, you easily realize how important it is to install such a patch.



Your Magento ecommerce store is a software application which has a life cycle, a development path and can often have flaws, bugs or security problems. These are addressed quickly by the large community behind Magento so Magento release patches or service packs as soon as they can, which are recommended to be installed. More recent versions already feature these fixes, therefore you get a more reliable system by using the latest version.

It is still important to keep an eye on new releases of patches and versions and to install them as soon as you can because otherwise malevolent hackers may get access to the data of your store or ruin it completely. It is recommended to be up to date with these issues and spend the time and money necessary to patch these security holes.



102 replies
  1. Carlie Carmichael says:

    Nice blog! Is your theme custom made or did you download it from somewhere? A design like yours with a few simple tweeks would really make my blog shine. Please let me know where you got your design. Thanks

  2. Antoine Renard says:

    Hi , I do believe this is an excellent blog. I stumbled upon it on Yahoo , i will come back once again. Money and freedom is the best way to change, may you be rich and help other people.

  3. Free Methadone Clinic says:

    Best Rehab Centers Drug Rehab Near Me Prevention Of Alcohol Abuse

  4. most volatile stocks says:

    Thanks for ones marvelous posting! I certainly enjoyed reading it, you can be a great author.I will ensure that I bookmark your blog and may come back later on. I want to encourage that you continue your great job, have a nice holiday weekend!

  5. bitcoin crash chart says:

    I simply couldn’t go away your website prior to suggesting that I actually loved the usual info an individual supply in your guests? Is gonna be back regularly in order to investigate cross-check new posts

  6. Stock Market Data says:

    The very heart of your writing whilst sounding reasonable initially, did not really work perfectly with me after some time. Someplace throughout the paragraphs you managed to make me a believer unfortunately only for a short while. I however have got a problem with your jumps in assumptions and you would do well to help fill in all those gaps. In the event you actually can accomplish that, I would definitely end up being amazed.

  7. usa debt to gdp ratio says:

    It is the best time to make some plans for the long run and it is time to be happy. I have read this post and if I could I desire to counsel you few attention-grabbing issues or suggestions. Perhaps you can write subsequent articles relating to this article. I desire to learn more things approximately it!

  8. what is value investing says:

    Hiya, I’m really glad I have found this information. Nowadays bloggers publish only about gossips and net and this is actually annoying. A good blog with exciting content, that is what I need. Thank you for keeping this web site, I will be visiting it. Do you do newsletters? Cant find it.

  9. boom and bust cycle effect says:

    Greetings from Idaho! I’m bored to tears at work so I decided to check out your blog on my iphone during lunch break. I enjoy the knowledge you present here and can’t wait to take a look when I get home. I’m amazed at how fast your blog loaded on my mobile .. I’m not even using WIFI, just 3G .. Anyhow, good blog!

  10. stock market crash 2019 prediction says:

    Just wish to say your article is as surprising. The clarity in your post is simply nice and i can assume you are an expert on this subject. Well with your permission let me to grab your RSS feed to keep up to date with forthcoming post. Thanks a million and please keep up the enjoyable work.

  11. erjilo pterin says:

    Thanks a bunch for sharing this with all of us you actually know what you are talking about! Bookmarked. Please also visit my website =). We could have a link exchange contract between us!

  12. Decija garderoba says:

    Hi my loved one! I wish to say that this article is amazing, nice written and come with approximately all important infos. I¦d like to look more posts like this .

  13. VivoSlot Online says:

    Fantastic web site. Lots of useful information here. I’m sending it to several buddies ans also sharing in delicious. And obviously, thanks on your sweat!

  14. compra armas says:

    What i don’t understood is actually how you are not actually much more well-liked than you may be right now. You are very intelligent. You realize thus significantly relating to this subject, made me personally consider it from numerous varied angles. Its like men and women aren’t fascinated unless it is one thing to do with Lady gaga! Your own stuffs nice. Always maintain it up!

  15. daftar situs judi online says:

    I do love the manner in which you have presented this problem and it does indeed give us some fodder for consideration. Nevertheless, from just what I have personally seen, I just wish as other reviews pack on that people today keep on issue and don’t get started upon a soap box regarding some other news du jour. Anyway, thank you for this outstanding point and although I can not really agree with this in totality, I value the perspective.

  16. all SMO Updates says:

    Generally I do not read post on blogs, however I wish to say that this write-up very pressured me to check out and do it! Your writing taste has been amazed me. Thank you, quite great post.

  17. brasil says:

    My wife and i felt absolutely fortunate when Jordan could conclude his investigations using the precious recommendations he was given from your very own web page. It is now and again perplexing to just possibly be freely giving instructions which often some people have been making money from. And we all consider we’ve got the website owner to give thanks to because of that. These explanations you’ve made, the simple blog menu, the friendships your site help foster – it’s most amazing, and it’s making our son in addition to us recognize that the article is fun, and that is extremely indispensable. Many thanks for all the pieces!

  18. Les meilleurs sites de torrent Français says:

    What i do not realize is in reality how you’re now not really a lot more well-preferred than you might be right now. You’re so intelligent. You know therefore considerably on the subject of this subject, made me individually imagine it from a lot of numerous angles. Its like women and men aren’t involved until it’s one thing to accomplish with Woman gaga! Your personal stuffs outstanding. Always maintain it up!

  19. buying a kitten from us says:

    I’ve been exploring for a little bit for any high quality articles or blog posts on this kind of area . Exploring in Yahoo I at last stumbled upon this web site. Reading this information So i am happy to convey that I’ve a very good uncanny feeling I discovered just what I needed. I most certainly will make certain to do not forget this web site and give it a look on a constant basis.

  20. comprar seguidores instagram says:

    Whats Going down i am new to this, I stumbled upon this I’ve found It absolutely helpful and it has aided me out loads. I hope to give a contribution & assist different customers like its aided me. Good job.

  21. prognatismo says:

    A lot of whatever you articulate happens to be astonishingly precise and that makes me ponder why I had not looked at this in this light before. This particular article truly did switch the light on for me personally as far as this particular subject matter goes. Nonetheless at this time there is actually one particular issue I am not too cozy with so whilst I make an effort to reconcile that with the main idea of the position, permit me observe just what the rest of the subscribers have to say.Very well done.

  22. shipping a car from ny to ca says:

    I think this is among the most vital information for me. And i’m glad reading your article. But wanna remark on few general things, The site style is wonderful, the articles is really nice : D. Good job, cheers

  23. luxury car hire malaysia says:

    Usually I do not learn article on blogs, but I would like to say that this write-up very pressured me to take a look at and do it! Your writing taste has been amazed me. Thank you, quite great post.

  24. photoshoot car rental says:

    Good – I should certainly pronounce, impressed with your web site. I had no trouble navigating through all the tabs as well as related info ended up being truly simple to do to access. I recently found what I hoped for before you know it in the least. Quite unusual. Is likely to appreciate it for those who add forums or anything, website theme . a tones way for your customer to communicate. Excellent task.

  25. thai restaurant take out near me says:

    Thank you for sharing excellent informations. Your site is very cool. I am impressed by the details that you have on this blog. It reveals how nicely you understand this subject. Bookmarked this website page, will come back for extra articles. You, my pal, ROCK! I found just the information I already searched everywhere and just could not come across. What an ideal web-site.

  26. baan 26 menu says:

    I’ve been browsing on-line greater than three hours these days, but I by no means discovered any fascinating article like yours. It is pretty price sufficient for me. In my opinion, if all webmasters and bloggers made excellent content material as you probably did, the internet will probably be a lot more helpful than ever before.

  27. animated advertising says:

    Do you have a spam issue on this blog; I also am a blogger, and I was wondering your situation; we have developed some nice procedures and we are looking to exchange techniques with others, please shoot me an email if interested.

  28. top animation agency says:

    I like the valuable information you provide in your articles. I will bookmark your blog and check again here regularly. I’m quite certain I will learn a lot of new stuff right here! Good luck for the next!

  29. web host uk says:

    I was very pleased to find this web-site.I wanted to thanks for your time for this wonderful read!! I definitely enjoying every little bit of it and I have you bookmarked to check out new stuff you blog post.

  30. cheap wordpress hosting says:

    Normally I do not read article on blogs, however I would like to say that this write-up very compelled me to check out and do it! Your writing style has been surprised me. Thank you, very nice article.

  31. Canada says:

    I like this post, enjoyed this one thanks for putting up. “The world is round and the place which may seem like the end may also be only the beginning.” by George Baker.

  32. Download Joker388 says:

    Good – I should certainly pronounce, impressed with your web site. I had no trouble navigating through all tabs and related info ended up being truly easy to do to access. I recently found what I hoped for before you know it at all. Quite unusual. Is likely to appreciate it for those who add forums or something, web site theme . a tones way for your customer to communicate. Excellent task.

  33. Joker388 Net says:

    Keep up the wonderful piece of work, I read few articles on this internet site and I conceive that your blog is real interesting and has circles of superb information.

  34. Login VivoSlot says:

    I’ll right away seize your rss as I can’t to find your e-mail subscription hyperlink or e-newsletter service. Do you have any? Kindly allow me know so that I may just subscribe. Thanks.

  35. FafaSlot Gamming says:

    I’m no longer positive where you are getting your info, however great topic. I needs to spend some time finding out more or working out more. Thanks for wonderful information I was in search of this information for my mission.

  36. Joker388 Online says:

    Thanks for the auspicious writeup. It actually used to be a leisure account it. Glance complicated to far delivered agreeable from you! However, how can we be in contact?

  37. Joker388 Online says:

    I do trust all the ideas you’ve offered to your post. They’re very convincing and will definitely work. Still, the posts are very short for starters. May you please prolong them a bit from subsequent time? Thanks for the post.

  38. hospedagem de site barata says:

    I am usually to running a blog and i really respect your content. The article has actually peaks my interest. I’m going to bookmark your web site and hold checking for brand spanking new information.

  39. hospedagem de site barata says:

    I think this is one of the most vital info for me. And i’m glad reading your article. But should remark on few general things, The web site style is perfect, the articles is really great : D. Good job, cheers

  40. Camp Half Blood says:

    Hello! I just would like to give an enormous thumbs up for the good info you have got here on this post. I will likely be coming back to your weblog for more soon.

  41. this link says:

    Good post. I learn one thing more challenging on completely different blogs everyday. It will all the time be stimulating to read content material from other writers and observe a bit of something from their store. I’d want to use some with the content on my blog whether or not you don’t mind. Natually I’ll give you a hyperlink in your net blog. Thanks for sharing.

  42. click says:

    Wow! This can be one particular of the most beneficial blogs We’ve ever arrive across on this subject. Actually Great. I am also an expert in this topic so I can understand your hard work.

  43. aumento peniano natural says:

    Hi there! I simply would like to give an enormous thumbs up for the great data you’ve gotten right here on this post. I will likely be coming back to your weblog for extra soon.

  44. Michelle B says:

    Everyone needs to see this article!

    You may have heard on NBC news concerning the implantable RFID microchip that some are getting placed in their hand to make purchases more convienent, but did you know this RFID chip matches perfectly with prophecy in the Bible?

    You may have heard of the mysterious number “666” that people have been speculating for around thousands of years on what it means. This article shares something I haven’t seen before, and I don’t think there could be any better explanation for the hidden meaning behind the number 666. This is no hoax. Very fascinating

    Go to:

  45. Daftar Joker388 says:

    In this grand scheme of things you’ll get an A just for effort. Exactly where you confused me was first on your facts. You know, they say, the devil is in the details… And that couldn’t be much more correct at this point. Having said that, permit me reveal to you just what did deliver the results. The authoring is definitely rather convincing and this is most likely why I am taking an effort in order to comment. I do not make it a regular habit of doing that. Next, although I can certainly notice a jumps in reason you make, I am not really sure of how you appear to connect your ideas which in turn produce the actual final result. For right now I will, no doubt subscribe to your position but wish in the foreseeable future you connect the dots better.

  46. Joker388.Net says:

    Thanks for helping out, excellent info. “A man will fight harder for his interests than for his rights.” by Napoleon Bonaparte.

  47. Joker388 Online says:

    My coder is trying to convince me to move to .net from PHP. I have always disliked the idea because of the costs. But he’s tryiong none the less. I’ve been using Movable-type on numerous websites for about a year and am concerned about switching to another platform. I have heard great things about Is there a way I can import all my wordpress content into it? Any kind of help would be really appreciated!

  48. Joker123.Net says:

    Nice post. I learn something more challenging on different blogs everyday. It will always be stimulating to read content from other writers and practice a little something from their store. I’d prefer to use some with the content on my blog whether you don’t mind. Natually I’ll give you a link on your web blog. Thanks for sharing.

  49. Joker388 Net says:

    hello!,I like your writing so a lot! percentage we keep up a correspondence more about your article on AOL? I need a specialist on this house to unravel my problem. Maybe that is you! Having a look ahead to see you.

  50. valor do laudo avcb says:

    I have been absent for some time, but now I remember why I used to love this blog. Thank you, I will try and check back more frequently. How frequently you update your web site?

  51. tours personalizados says:

    It is truly a great and useful piece of info. I’m satisfied that you shared this useful info with us. Please keep us informed like this. Thank you for sharing.

  52. สล็อต says:

    I have been surfing online more than 3 hours lately, but I never found any attention-grabbing article like yours. It is beautiful price enough for me. In my view, if all site owners and bloggers made excellent content as you probably did, the internet will be a lot more helpful than ever before.

  53. como vender mais says:

    That is really fascinating, You’re a very skilled blogger. I’ve joined your rss feed and sit up for in search of more of your excellent post. Also, I’ve shared your website in my social networks!

Trackbacks & Pingbacks

  1. hydroxychloroquine mexico

    Magento patches – why and how you need to install them

  2. chloroquine covid

    Magento patches – why and how you need to install them

  3. natural alternative to viagra

    Magento patches – why and how you need to install them

  4. naltrexone for weight loss

    Magento patches – why and how you need to install them

  5. ciprofloxacin 500mg antibiotics

    Magento patches – why and how you need to install them

  6. generic ventolin inhalers for sale

    Magento patches – why and how you need to install them


    Magento patches – why and how you need to install them

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published.