I am a developer with limited Magento experience. The agency I work for recently inherited a Magento 1.9.2.4 site. I went through and installed several security patches, 10266, 10415, 10570, 10888, 10975, 11086, 11155, 11219, 11295, 11314, and 11346. After installing these, there was a consistent error when trying to update the Shipping Methods under System > Configuration, when hitting 'Save Config' the 'Invalid URL scheme' error would display and no changes would be saved. This is after flushing all caches, deleting the session and cache folders, running compilation. The error was coming from
app/code/core/Mage/Adminhtml/Model/System/Config/Backend/Gatewayurl.php
which was created in patch SUPEE-11086. Reverting this security patch in particular and re-installing the others fixed the issue. My question is - why would this have been occurring, is this patch critical when having the others installed, and if so what can I do to install it without it breaking the shipping methods area (all other areas worked & saved fine?) Our server has been under attack quite often recently so I would like to eliminate as many vulnerabilities as possible. And yes our goal is to get the client to upgrade to Magento 2.
Thank you for providing detailed information about the issue you encountered after installing SUPEE-11086 on Magento 1.9.2.4. It's unfortunate to hear about the 'Invalid URL scheme' error affecting the update of Shipping Methods. This particular patch aimed to address security vulnerabilities, and it seems there might be an interaction issue in your specific setup. As your server has been under frequent attacks, security is paramount. It's crucial to maintain a secure environment, so finding a resolution that allows for both security and functionality in the Shipping Methods area is essential. If upgrading to Magento 2 is a possibility, it would provide a more robust and secure solution in the long term.