120 likes | 133 Views
Our Professional Magento certified Developers, as well as Magento Experts deliver protective service by eliminating PRODSECBUG-2198 effect on Magento2 Store.
E N D
About US Magento Guys is a reputed Magento 2 web development company, who delivering innovative Magento Development Services to the clients in the worldwide. We have more than 8+ years of experience with 1800+ projects in the industry offering uniquely tailored Magento solutions helping our clients flourish their business horizon. We have successfully completed 100+ e- commerce stores, licensed, static, pass, saas and more. www.magentoguys.com
Save your Magento 2 store from PRODSECBUG- 2198 With the increase in the Magento users, the hackers are also increased. The number of cyber-attack doubles every time in Magento 2.x. There is a security bug in the Magento 2.x content system which makes us discover the new and new methods to save the site.That bug is called PRODSECBUG-2198. This is responsible for the damage to the sites.The card details of the customers are stolen from the website. Hackers have become more and more expert with malware nowadays. A security engineer at Ambionics discovered and reported the PRODSECBUG-2198, and the security updates and patches were released on March 26. Hiring the professional Magento certified developers, as well as Magento Experts, can help your store’s successful as well as bug-free development. www.magentoguys.com
With the above method in Magento 2.2 CE version you may face an error as below: bash PRODSECBUG-2198-2.2-CE.composer-2019-03-27-06-12-19.patch diff: unrecognized option ‘–git’ diff: Try ‘diff –help’ for more information. PRODSECBUG-2198-2.2-CE.composer-2019-03-27-06-12-19.patch: line 2: index: command not found PRODSECBUG-2198-2.2-CE.composer-2019-03-27-06-12-19.patch: line 3: —: command not found In order to avoid this error, follow the below steps: • If you use git for your project: git apply PRODSECBUG-2198-2.2-CE.composer-2019-03-27-06-12-19.patch www.magentoguys.com
• use patch Remove the a/ and b/ before the path name. Move the patch file to your Magento root and execute patch -p0 < PRODSECBUG-2198-2.2-CE.composer-2019-03- 27-06-12-19.patch About PRODSECBUG-2198 Type: Injections: SQL CVSSv3 Severity: 9 (Critical) Description: An unauthenticated user can execute arbitrary code through an SQL injection vulnerability, which causes sensitive data leakage. www.magentoguys.com
Product(s) Affected: Magento Open Source prior to 1.9.4.1, and Magento Commerce prior to 1.14.4.1, Magento 2.1 prior to 2.1.17, Magento 2.2 prior to 2.2.8, Magento 2.3 prior to 2.3.1 Fixed In: Magento Open Source 1.9.4.1, Magento Commerce 1.14.4.1, SUPEE-11086, Magento 2.1.17, Magento 2.2.8, Magento 2.3.1 Reporter: cfreal Steps to install the PRODSECBUG-2198 patch Backup Your Magento Store Before applying any new security patch, you will have to first take the back up of your Magento store. Download & Upload the Patch The next step is to download the Patch PRODSECBUG-2198 from here for your Magento Store Version and then you will have to upload it to your Magento folder. www.magentoguys.com
Apply the Patch After you log in to your shell server and navigating to your Magento folder, you will have to run the following command: Bash patch – Name For e.g. bash PRODSECBUG-2198-2.3-CE.patch Clear your Magento Cache Just remove your Magento Cache once you apply the patch. There are two steps to clear the cache • • flush the cache from Magento admin run the following SSH commands Confirm the Patch Installation www.magentoguys.com
You will have to confirm whether the patch is being installed successfully or not. For that you can run the following command to check whether the patch has been installed successfully or not grep ‘|’ app/etc/applied.patches.list grep ‘|’ app/etc/applied.patches.list Remove the Patch file After the successful patch installation, you can remove the .patch file from the root of your Magento. Make Your Magento Store More Secure In this time, when security is the topmost priority as well as when the customers become your regular ones on the basis of your security you provide, make sure that you follow all the tips given below www.magentoguys.com
• Regularly update your Magento Installation • Follow The Best Magento Development Practices • Magento Store On a Secure Server • Magento Security Checker www.magentoguys.com
Why You Choose MagentoGuys? www.magentoguys.com
Read the complete story follow the link below:- Save your Magento 2 store from PRODSECBUG-2198 Read Blog: https://www.magentoguys.com/blog/ www.magentoguys.com
LET'S GET TOGETHER Start Discussion About Your eCommerce Development & Online Marketing Hassle-free One Stop Solutions, Hire Us! Website: https://www.magentoguys.com/ Skype: bdo3.magentoguys Email: info@magentoguys.com Call: +91 7096620202