How to Install a Magento Security Patch


With all these security patches Magento has been releasing lately, we thought it would be a good time to write a tutorial that shows you how you can quickly and easily install security patches. This tutorial requires you to have SSH access to your server.

Security patch? What’s that!

Every time there is a major leak discovered in Magento, the company releases a patch that fixes the issue. The patch is a small .sh file that you can upload to your server, and execute with an SSH command, we’ll get to that later. The reason why Magento releases these patches is that they can be applied very quickly. We have upgraded some very big Magento stores and it’s a long process that takes a lot of time. Especially if the Magento store has a lot of extensions that might not be compatible with a newer version of the CMS. Patches save time, they only fix what’s broken and nothing else.

How to install a Magento patch

Installing a patch is very simple. First, you have to go to the Magento downloads page to download the correct patch for your Magento version. After the download has finished you’ll have a compressed folder. Unzip the folder and you should see a .sh file. Log in to your FTP client and connect to your host. Upload the .sh file in the root folder of your Magento installation.

The second step is also the last step (we told you, patches are a very quick solution ;)). Log in to your server via SSH, and navigate to the root folder where your installation is located. In the root folder, execute the following SSH command:

That’s all there is to it. If you have executed this command correctly, the following message will be displayed:


Sometimes, applying a patch in Magento doesn’t go as planned. You might get an error that prevents the patch from being applied. You will be greeted by a “Patch could not be applied” error message. Luckily, we have some troubleshooting solutions for you.

The most common error you can get is the Hunk Failed error. We have written a post about this problem and how you can solve it here. If that is not the problem you have we recommend you to check if you have downloaded the correct patch version. That will most likely be your problem.

Sometimes you hosting does not allow patches to be installed on their server. This is a sign of a really unprofessional hosting company, and you should switch to another one directly. Security should be priority number one, and if you hosting company doesn’t take it seriously they should not be hosting your store. We highly suggest you check out this list of reliable Magento hosting companies here.

We hope that this guide has learned you how to apply patches for Magento. There will be several patches released throughout the year and you can use this guide for each one of them. This guide is only for Magento version 1.x, check the newest Magento 2 guides there.


Leave A Reply