How to Install Magento SUPEE 11086 [With or Without SSH]

ALERT!

Following the release of the Magento 2 Security Patch PRODSECBUG – 2198 and SUPEE 11086, proof-of-concept (POC) exploit was published, for SQL Injection vulnerability, giving the hackers a path to the database of your E-commerce sites! This provokes the urgency to patch your store NOW! You can either follow this blog post or contact us for instant help!

Security is of the foremost concern when it comes to Magento E-commerce store. Owing to this, the latest Magento SUPEE 11086 is released on March 26, 2019.

The security patch Magento SUPEE 11086 comes with fixes like close remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities.

With nearing of Magento 1 end of life, it is strongly recommended to migrate to the latest Magento 2.4.6 rather than installing Magento SUPEE-11086.

Methods to Install Magento SUPEE 11086:

1. Using SSH
2. Without using SSH

Each method in detail,

1. Install Magento SUPEE 11086 using SSH:

   Contact your hosting provider if you don’t know how to set up SSH. Download Magento SUPEE 11086 Patch files for your Magento Version from here.

   Upload the patch into your Magento root directory and run the appropriate SSH command:
   For .sh file extension:

   sh patch_file_name.sh

   1	sh patch_file_name.sh

   Example:

   sh PATCH_SUPEE-11086_CE_1.9.1.0_v1.sh

   1	sh PATCH_SUPEE-11086_CE_1.9.1.0_v1.sh

   For .patch file extension:

   patch —p0 < patch_file_name.patch

   1	patch —p0 < patch_file_name.patch

   For Linux OS or Ubuntu derived machines:

   On Linux OS or Ubuntu derived machines, using sh will throw an error as sh is supposed to be used only with purely POSIX compliant scripts and Magento scripts are not 100% POSIX compliant. Instead, on Ubuntu and derived OSes such as Linux Mint, you should use

   bash patch.sh

   1	bash patch.sh

   Note: Once executed the command, refresh the cache in the Admin under “System > Cache Management” so that the changes can be reflected. We strongly recommend that you test all patches in a test environment before taking them live.

2. Install SUPEE 11086 with PrePatched Files (without SSH method):

   Download the zip file for your Magento Version for the patch installation. You can also download these Pre Patched files from GitHub. After downloading the files, just upload it to your Magento root folder.

How to revert a patch if you are facing any issue?

Run the following SSH Command to revert your patch.

For both the above methods, if you face any difficulties in the implementation, feel free to post them in the Comments section below. I’ll help you out.

Moreover, have you faced an issue of Magento logging failed after installing SUPEE 11086 patch?

This is because log validation function added by Magento to validate extensions. It throws an error on is_readable() function in the case log file does not exist yet.

To solve this problem, check solution to Magento Logging Failed After Installing SUPEE 11086 Patch. However, if you install Magento SUPEE 11155 patch, you don’t need to worry.

Moreover, if you don’t want to be left out in availing the latest features such as Page Builder, PWA Studio, and much more, migrate your store to the latest Magento 2 version. You can order professional help using Magento 1 to Magento 2 Migration Service.

If this post helped you secure your store, do not forget to appreciate it with 5-star ratings!

Related Blogs:

• Download Magento 2 With Sample Data | All Versions