Magento Critical Error Message (Vulnerability)

By | April 18, 2015

Hello Folks

So everybody able to see Critical Error Message on Magento it means Something very serious for Developer and Merchant
The reminder was sent to all the store owners who have not updated their Magento yet for a vulnerability named as “Shoplift (SUPEE-5344)”. The bug was first detected in the month of Feb and Magento sent an update to its users to update their store.

Magento had done Some Random Survey and found that 60% of the website were not updated yet which counts to around 140,000 Magento installed online shops globally. May be many side will get affected in the coming days.so in order to avoid that they have given a patch file

Shoplift is a term given to a bug that allows hackers to take full control of your Magento Store. There was a patch released for it in February called “SUPEE-5344″.So mny stores are under vulnerability

In Order To check the site is under Vulnerbitlity go to this site https://shoplift.byte.nl/
please check the URL and Enter the URL of Amdin you will know the result that your website is under vulnerability

There are 2 Ways to apply a Magento patch:

1) Use an FTP client to upload the specific patch to the root of your Magento folder.
Create a PHP file called applypatch.php that will run the patch for you, and upload it to the root of your Magento folder. Make sure to use the right patch name here, if you don’t use the patch for version 1.8.x-1.9.x

<?php
print(“<PRE>”);
passthru(“/bin/bash PATCH_SUPEE-5344_CE_1.8.0.0_v1.sh”);
print(“</PRE>”);
?>

Note:”bin/bash” is not a folder it will remain same as it

Visit the file at http://your.domain.com/applypatch.php, and check if the output looks as expected.
Install patch manually

2) Another Way is through SH

Transfer the patch .sh file to your Magento installation root directory.

Note: This article assumes your patch file name ends in .sh. If your patch file name ends in .patch or something else, contact Magento Support before proceeding.
For example, /var/www/html/magento.

Enter the following command as a user with sufficient privileges to write to Magento files (typically, the web server user or root):
sh <em>patch-file-name</em>.sh

A message such as the following displays to confirm the patch installed successfully:
Patch was applied/reverted successfully.

For More Reference pleasae check the Below link
http://www.magentocommerce.com/wiki/1_-_installation_and_configuration/magento_tutorial_-_how_to_apply_a_patch
https://shoplift.byte.nl/

 

Please see the Attach Screen Shot Below

Leave a Reply