On August 13, 2024, Magento released the APSB24-61 security update, addressing several critical, important, and moderate vulnerabilities. As a Magento 2 store owner, it’s crucial to understand the key aspects of this update and take action to protect your store.
In this article, we’ll break down the essentials of this security patch and explain the steps How to install APSB24-61 Security Patch for Magento 2.
Affected products and versions
Adobe Commerce on Cloud, Adobe Commerce on-premises, and Magento Open Source, Check the Security update available for Adobe Commerce
- 2.4.7-p1 and earlier
- 2.4.6-p6 and earlier
- 2.4.5-p8 and earlier
- 2.4.4-p9 and earlier
Why You Should Apply the APSB24-61 Patch
The APSB24-61 patch fixes several security vulnerabilities, including critical flaws that could expose your store to attacks. These vulnerabilities might allow unauthorized access, data leaks, or even complete control over your store. Applying the patch ensures these security holes are plugged, keeping your data and customers safe.
As a Magento 2 store owner, it’s essential to stay up-to-date with the latest security measures, like the APSB24-61 Security Patch. At IT Castle, we specialize in helping businesses like yours maintain secure and optimized eCommerce stores. Our Adobe-certified Magento developers are experienced in applying critical updates like the APSB24-61 Security Patch quickly and efficiently to ensure your store’s security is always up-to-date.
Keeping your Magento store safe from vulnerabilities is a crucial part of maintaining customer trust and safeguarding sensitive data. The APSB24-61 Security Patch addresses numerous vulnerabilities, and our team at IT Castle ensures smooth implementation and minimal downtime when applying these important updates.
Prerequisites Before Applying the Patch
Before you apply the security patch, there are a few things you need to do to ensure a smooth process:
- Backup Your Store: Always back up your entire Magento store, including files and databases, to avoid data loss in case anything goes wrong.
-
Put the Store in Maintenance Mode: This will prevent customers from accessing your site during the update, reducing any disruptions or issues.
- Check Magento Version Compatibility: Ensure that your Magento 2 store is compatible with the APSB24-61 patch. You may need to upgrade your Magento version if it’s outdated.
php bin/magento maintenance:enable
Step-by-Step Guide to Install/Apply APSB24-61 Patch
you may get confused where to find Magento 2 latest security patches, or how to install/apply the APSB24-61 or similar patch into your Magento store. We are going to use isolated patches/hotfixes. If you need any Magento Development Service or Security patch instalation service you can hire us.
2. Install Quality Patches Tool
Quality Patches Tool is a command-line tool that delivers quality patches for Adobe Commerce and Magento Open Source. It allows you to:
- To view the general information about the latest patches.
- To apply patches.
- To revert previously applied patches.
Run the following command to install Quality Patches
composer require magento/quality-patches
2. Create a directory named m2-hotfixes in the Magento root.
If you do not have a directory named m2-hotfixes in the project root, please create one.
mkdir m2-hotfixes
3. Download the APSB24-61 security patch Patch
First, download the APSB24-61 security patch from the Magento Security Center. Make sure to select the version that corresponds to your Magento installation.
4. Upload the patch to your m2-hotfixes directory.
Once you’ve downloaded the patch, use FTP/SFTP or SSH to upload it to your Magento m2-hotfixesdirectory on your server.
5. Apply the Patch Using SSH
Navigate to your Magento root directory using SSH. Run the following command to apply the patch:
patch -p1 < %patch_name%.composer.patch
Make sure to replace %PATCH_NAME% with the actual name of the file you downloaded under a Zip file.
patch -p1 < AC-12485_Hotfix.composer.patch
If the above command does not work, try using -p2 instead of -p1
6. Clear Magento Cache
After applying the patch, you need to clear the cache to ensure the changes take effect. Run the following commands:
php bin/magento cache:clean
php bin/magento cache:flush
7. Disable Maintenance Mode
Once the patch is applied and the cache is cleared, disable maintenance mode to bring your store back online:
php bin/magento maintenance:disable
8. Verify the Patch Installation and status
To ensure the patch was successfully applied, check your Magento Admin Panel or run the following command:
php ./vendor/bin/ece-patches status
9. Regenerate Your Magento Encryption Key
Changing your Magento encryption key adds an extra layer of security for your sensitive data. To do this, log in to your Admin Panel and navigate to:
System > Other Settings > Manage Encryption Key.
In the “New Key” field, enter a new encryption key of your choice and click ‘Change Encryption Key’. This will update the old encryption key with the new one, offering enhanced protection for your store’s sensitive information, such as customer data and payment details. Regularly updating your encryption key is a great practice to keep your Magento store secure.
php bin/magento setup:config:set --key="<new_encryption_key>"
Additional Steps for Customizations
If your store has custom themes or extensions, it’s important to test everything after applying the patch. Make sure that custom code and third-party extensions are compatible with the new security update. It’s always a good idea to perform the update in a staging environment before applying it to your live store.
Conclusion
At IT Castle, we prioritize your eCommerce store’s security. Applying the APSB24-61 Security Patch is just one part of keeping your Magento 2 or Adobe Commerce site secure. Our Adobe-certified Magento development team is experienced in handling all security updates, including how to install Magento 2 security patches and install new Adobe security patches. We ensure your store remains protected from potential vulnerabilities.
Whether it’s the latest APSB24-61 Security Patch or other vital security updates, we provide comprehensive solutions to install new Adobe security patches and safeguard your online business. With our support, you can ensure that every Magento 2 security patch is properly applied to minimize risks and downtime.
Let IT Castle help you stay secure with professional patch installations and ongoing maintenance for your Adobe Commerce or Magento 2 store. We specialize in applying critical updates like the APSB24-61 Security Patch, along with offering custom development and optimization services to keep your website running smoothly. Trust us to handle everything from installing Magento 2 security patches to implementing custom security measures tailored to your business needs.
