Magento Expert Forum - Improve your Magento experience

Results 1 to 3 of 3

New Magento Security Patch SUPEE-6788

  1. #1
    New member
    Join Date
    Aug 2015
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default New Magento Security Patch SUPEE-6788

    Magento has just released a new security update for their Community and Enterprise users. The security patch is called SUPEE-6788 and it fixes over 10 different security issues in Magento. The update is so big, that a lot of people might even experience broken extensions after installing the security patch. You can see how this patch will affect your code in this document: http://codingbasics.net/Magento-Patc...al-Details.pdf

    Patches are available for Magento Enterprise Edition 1.7 and later releases and Magento Community Edition 1.4 and later releases.

    Source: http://codingbasics.net/magento-secu...llation-guide/

    View more threads in the same category:


  2. #2
    Junior Member Amasty's Avatar
    Join Date
    May 2013
    Posts
    397
    Thanks
    1
    Thanked 4 Times in 3 Posts

    Default

    Our customers are asking a lot of questions about this latest security patch and its influence on performance of some extensions. We’ve compiled the most popular questions about the issue and answered them for your convenience.
    As for the list of extensions found at http://codingbasics.net/magento-exte...th-supee-6788/ , we've already updates most of them.
    Please visit to find all the necessary info https://blog.amasty.com/supee-6788-q...ity-important/

    Name:  header-supee-6788-security-patch-q-a-extensions-compatibility-important.jpg
Views: 268
Size:  102.7 KB

  3. #3
    Junior Member
    Join Date
    Mar 2016
    Posts
    20
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    How to install SUPEE-6788

    In most cases this patch can be applied safely. However, as always, we recommend to test extensively on a testing/staging environment. (Hypernode users can set-up a basic staging environment).

    Some parts of this patch are optional, because it breaks backward compatibility with many extensions. So Magento has made a switch in the back-end to enable this extra measure. The rest of the patch can be applied relatively safely. Take note of the following issues (that will only affect a small number of installs):

    Have a custom <code>customer/form/register.phtml</code> template? It will break if you don’t add a form_key.
    Do you use non-standard variables in CMS pages, static blocks or email templates? They need to be whitelisted.
    Do you run the Magento cron through HTTP are are you using Apache? There is a new access control on cron.php, so you should change the .htaccess to include your local IP, or (better yet) run the cron through commandline PHP.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •