Magento: Apply SUPEE-5344 Patch

Magento announced a critical security vulnerability with its software and issued a patch on February 9, 2015. To make sure websites on your server aren't vulnerable, you need to apply the SUPEE-5344 patch.

Let GoWebsite patch it for me

Applying the patch requires some familiarity with SSH. If it's something you don't have time to learn, we have an Expert Service available for $79 which handles all of the patching for you. If you're interested in that option, give us a call at 480-624-2500.

Patch it myself

To patch your Magento Website you need to identify which version of Magento you're using, get the patch onto your server, and then apply the patch via SSH.

Download the SUPEE-5344 patch

1. Log in to your Magento admin panel (http://your domain name/admin).
2. Note your version, which displays at the bottom of the page as Magento ver.
3. Go to the Magento website.
4. In the Magento Community Edition Patches area, next to SUPEE-5344, from the Select your format menu, click the option that corresponds to your version of Magento.
   
   For example, if you have Magento version 1.6.2.0, you would click Magento-CE-v1.6.1.x-1.6.2.x
5. Click Download.
6. Log in to your Magento account to complete the download.
7. Copy down the name of the extension that you download.

Make sure you can locate the file on your computer — you'll need to upload it to your hosting account.

Upload the patch

• Using either FTP or a control panel's file manager, upload the patch to your Magento website's root directory.

Apply the patch

1. If you have a My Server-based server (more info), enable root/SSH access.
2. Connect to your server via SSH.
3. Navigate to your Magento website's root directory.
4. Issue one of the following commands based on the file extension of your patch:
   
   SH files
   sh your patch file name
   
   PATCH files
   patch -p0 < your patch file name