New SUPEE-6788 patch can be downloaded as usual from Downloads page:
or installed as a regular Magento upgrade via Downloader (it is included in Magento 18.104.22.168 version).
You can install it in the same way as previous patches or by upgrading to Magento 22.214.171.124.
To apply the patch you need SSH access (shell access actually, SSH is just most used way to get shell access) to the server.
If you wish to save time and have us to install these patches for you, simply click here to order installation.
Step 0: Preparations
Update all third-party extensions, disable and uninstall any unused extensions.
Step 1: Verify your Magento version
As you can see in the example, it is Magento 126.96.36.199
Step 2: Download corresponding patches
Patches are obtained from https://www.magentocommerce.com/products/downloads/magento/
Make sure to get the right version.
Step 3: Place patches into Magento Root directory
Upload your files into Magento root directory. It is important to place patch files directly into Magento root directory and execute it also directly in Magento root directory.
Step 4: Run the patches
Step 5: Verification and flush of PHP opcode cache
Verify patch status at our patch tester page.
Test that your store is working. If you use PHP opcode caches (APC/XCache/eAccelerator) make sure to flush it after patching (or restart webserver), otherwise code will continue to run from caches.
You can disable it as shown below:
Disabling Secure Admin Routing compatibility mode for extensions
Additionally, if your store still use default /admin/ path, you may consider securing your Magento /admin/ by admin path change and restrict access to
- CMS pages and transactional emails broken after SUPEE-6788 patch to Magento
- Reset Password page is blank after SUPEE-6788
- Magento registration form does not work after SUPEE-6788
If you need to rollback the patch due to some reason, you can use –revert option, Just execute it again in the same Magento root directory by appending –revert option: