I installed the patch 6788 on various projects and everything works good, but for one of them Magereport says, that "Security patch 6788 (secrets leak) not installed" (all other projects are OK).
I checked the recommendations at https://support.hypernode.com/knowledgebase/how-to-install-magento-patch-supee-6788/#Patch_6788_is_i... checked register.phtml templates (whether "form_key" exists) but it didn't help.
What else should I check? What pages of the store or what criteria uses Magereport to define if patch is installed or not?
the problem is, that my result is not grey ("unknown"), but the orange one ("not installed"). For all other stores (about 10) I have the green colour ("installed").
I can't guest why the same patch can not be detected on one of the projects but it can be detected an all other projects. It must be a list of criteria, according to which the Magereport crawler decides if the patch is installed or not.
yes, we checked this. Besides of that, this patch can not be detected by MageReport also on our staging server (where many other patched projects are located, which patches (6788) can be detected by MageReport).
One more thing:
three years ago this store had been upgraded from 11.0.2 to 188.8.131.52 (and the patch 6788 was applied as for 1.13 of course). Can the fact of upgrade have an eventual influence on this issue?
I recommend that you check out this extension, it's called MageFence: https://www.magentocommerce.com/magento-connect/catalog/product/view/id/30596/
It checks whether patches have been installed by scanning the files internally, as opposed to magereport that is just a front-end scan. So it can determine whether a patch is applied or not with certainty. And it also has many others very useful features for improving security.