Magento Security

How to Install Magento SUPEE 8788 With or Without SSH

Hello, Magento Friends!

Magento recently released SUPEE 8788 to safeguard stores against potential threats. In order to keep your stores secure, it is recommended to install this patch as soon as possible.

Here, I have come up with a complete guide on how to install Magento SUPEE 8788 with and without SSH. Let’s Get Started:

Feature-set of Magento SUPEE 8788

  • This newly-released patch provides security against potential threats such as remote code execution, information leaks, and cross-site scripting.
  • Possibility of SQL injections due to Zend Framework library vulnerabilities.
  • Resolved improper session invalidation issue when an Admin user logs out.
  • Denied the ability to back up Magento files or databases by unauthorized users.
  • Resolves a compatibility issue with SUPEE patches 1533 and 3941 faced earlier by merchants using EE 1.13 and CE 1.8 and earlier versions.
  • Resolves issues with some third-party payment methods during checkout.

Installation process:

  • Revert SUPEE-8788 if you have already installed it.
  • Revert SUPEE-1533 if you have already installed it.
  • Deploy SUPEE-3941 if it hasn’t already been installed.
  • Install the new SUPEE-8788 v2 patch. This patch includes SUPEE-1533, so you don’t need to worry about re-installing it.

I have explained the installation of patches in both ways here:

Methods to install the patch on your store

Method 1:

  • Upload patch files in the root of Magento.
  • Create a file named patch.php and append the following code into it:
<?php

print("<PRE>");

passthru("/bin/bash PATCH_SUPEE-8788.sh");

print("</PRE>");

echo "Done";

?>

Replace the file name in it, upload it in the root, and run the file from the browser.

The name should be PATCH_SUPEE-8788.sh

You should receive the following screen once you run patch.php from the browser,

If you are getting errors like this,

“Error! Some required system tools, that are utilized in this sh script, are not installed; Tool (s) “patch” is (are) missed, please install it(them).

That means system tools aren’t installed in your server to run the sh script, you can contact your hosting provider or follow another method.

We have updated the patch files for the older Magento versions. It is very much recommended to use these patches at your own risk, please take backup of your website prior to installation.

Method 2:

You can install a patch with SSH as well. You will need SSH, if you don’t know how to set up SSH, contact your hosting provider.

  • Upload the patch files in the root,
  • In the ssh console, run the following command.

For .sh file extension

Sh PATCH_SUPEE-8788.sh

For .patch file extension:

patch —p0 < patch_file_name.patch

Method 3:

Download the zip file for the patch installation. You can also download these Pre Patched files from GitHub. After downloading the files, simply upload them to your Magento root folder.

Magento version SUPEE-8788
Magento 1.9.2.4 SUPEE_8788_Magento_1.9.2.4 V2
Magento 1.9.2.3 SUPEE_8788_Magento_1.9.2.3 V2
Magento 1.9.2.1 SUPEE_8788_Magento_1.9.2.1 V2
Magento 1.9.1.1 SUPEE_8788_Magento_1.9.1.1 V2
Magento 1.9.0.1 SUPEE_8788_Magento_1.9.0.1 V2
Magento 1.8.1.0 SUPEE_8788_Magento_1.8.1.0 V2
Magento 1.7.0.2 SUPEE_8788_Magento_1.7.0.2 V2

Delete all files under media skin\adminhtml\default\default\media

Possible Issues with Solutions:

  • Make sure you haven’t deleted or renamed the “Downloader” directory else the patch installation will fail as it patches a file within the downloader. The best solution is to restore the directory, apply the patch and delete it again. Or you can also remove the instructions for downloader/lib/Mage/HTTP/Client/Curl.php from the patch.
  • If you get a “Hunk Failed” error message, it is generally because of either a changed core file or missing earlier patches. Make sure you have installed all the previous patches and haven’t made any changes in the Magento core.
  • Another most common issue is that the patch fails to delete .sfw files because of their binary content. to overcome this error, check the answer here:

Conclusion:

It is highly recommended to get your Magento version upgraded to 1.9.3 which includes all the security patches including SUPEE 8788. 

If you need any help regarding Magento version Upgrade, Checkout our Magento Upgrade Service. If you face any challenges during the installation of Magento SUPEE 8788 With or Without SSH, catch us at any time through the comment box below. 

Happy Reading!

 

Click to rate this post!
[Total: 15 Average: 4.7]
Dhiren Vasoya

Dhiren Vasoya is a Director and Co-founder at MageComp, Passionate ?️ Certified Magento Developer?‍?. He has more than 9 years of experience in Magento Development and completed 850+ projects to solve the most important E-commerce challenges. He is fond❤️ of coding and if he is not busy developing then you can find him at the cricket ground, hitting boundaries.?

View Comments

  • Hi I am using Magento 1.9.1.0

    From the report of magereport.com says my site is risk. Mostly red colored one is for install Patch8788 is there any other patches needed for that . Should I updraded to 1.9.3 for doing this patch

  • Hello, i'm on Magento 1.9.1.0 and i see there is no patch for 1.9.1.0
    Do you think SUPEE_8788_Magento_1.9.1.1 V2 is compatible with my version? Does anyone met any issue?

  • PERFECT!
    i just uploaded the files from your download link "SUPEE_8788_Magento_1.9.2.4 V2" to magento root. And then i deleted flex.swf, uploader.swf, uploaderSingle.swf from /skin/adminhtml/default/default/media/

    Thank you so much for this tutorial!

  • I installed SUPEE 8788 for Magento 1.9.2.4 with simple copy of the files in the root. It is not clear to me if I have also to remove flex.swf, uploader.swf, uploaderSingle.swf from /skin/adminhtml/default/default/media/. Should I remove them?

    • Yes, you will need to because that's what the sh file does automatically when you run the patch file.
      For this manual, we will need to delete it manually,

  • I installed SUPEE 8788 for Magento 1.9.2.4 with simple copy of the files in the root. It is not clear to me if I have also to remove flex.swf, uploader.swf, uploaderSingle.swf from /skin/adminhtml/default/default/media/. Should I remove them?

  • Hello, I upload the uploaded file magento 1.7.0.2, Can't upload images in new product ,how to solve this problem?

    • Make sure you have installed all the patches, there was an issue of can't upload images for new product, but Magento guys have fixed them.

  • Hello, I upload the uploaded file magento 1.7.0.2, Can't upload images in new product ,how to solve this problem?

Recent Posts

How to Add Tooltip in Checkout Shipping Field in Magento 2?

Hello Magento Friends, In today’s blog, I will explain How to Add Tooltip in Checkout…

2 days ago

How to Integrate and Use MongoDB with Laravel?

MongoDB is a popular NoSQL database that offers flexibility and scalability when handling modern web…

4 days ago

NodeJS | Callback Function

In NodeJS, callbacks empower developers to execute asynchronous operations like reading files, handling requests, and…

4 days ago

How to Show SKU in Order Summary in Magento 2?

Hello Magento Friends, In today’s blog, we will learn How to Show SKU in Order…

6 days ago

Best Colors to Use for CTA Buttons

The "Buy Now" and "Add to Cart" buttons serve as the primary call-to-action (CTA) elements…

1 week ago

Magento 2: How to Save Custom Field Value to quote_address for Multi-Shipping Orders

Hello Magento Friends, In Magento 2, the checkout process allows customers to choose multiple shipping…

1 week ago