cancel
Showing results for 
Search instead for 
Did you mean: 

SUPEE-5344 reporting issue

SOLVED

SUPEE-5344 reporting issue

We keep receiving the patch notification in the admin panel/messages.

And the hoster sent an email that the shop is still vunerable.

 

However,

1) https://shoplift.byte.nl/scan

does say the shop is patched

 

2) find /data -wholename '*/app/code/core/Mage/Core/Controller/Request/Http.php' |\
xargs grep -L _internallyForwarded

does not find anything

 

3) a file comparison of the shop's http.php with the patched version shows no differences

 

So why do the hoster and magento thing it is not patched?

4 REPLIES

Re: SUPEE-5344 reporting issue

The Magento message is only a notification. Magento doesn't have any function to detect whether it has been patched or not. You make it go away by going to System=>Notifications and mark the notification as being read.

 

The only way you can tell is the append to app/etc/installed.patches.list tells you if the patch had been run and by actually diff'ing the patched files against your version's unpatched files to see that the changes have been applied. (Download the install archive, uncompress somewhere so you have originals)

 

Ask the hosting provider how they've determined the patch hasn't been installed.

 

I don't trust that grep command that was posted, I came across it, tried it and it kind of did nothing.

 

The following command line entry can quickly tell if this file has been patched by looking for the added _internallyForwarded flag. Run it in your Magento root folder:

 

grep "_internallyForwarded" app/code/core/Mage/Core/Controller/Request/Http.php

The following output is what you would expect to show the file has been patched.

 

public_html$ grep "_internallyForwarded" app/code/core/Mage/Core/Controller/Request/Http.php
     protected $_internallyForwarded = false;
        $this->_internallyForwarded = (bool)$flag;
        return $this->_internallyForwarded;

Re: SUPEE-5344 reporting issue

Hello @ybaer

 

1. First of all the patch message is just notification, so once you mark as read it will not show again

2. If you are not sure patch is being installed or not, you can check this blog and install the patch again, then try

https://magecomp.com/blog/how-to-install-magento-security-patches/

 

 

SECURITY DISCLAIMER: The above website contains Magento Security Patch files which are self-hosted by the user and as such unsafe. Magento Forum advise all users to only download patch files from the official Magento Downloads page. 

 

Found something useful, please give "Kudos" or "Accept as Solution" for Token of Appreciation.
Free Magento Extensions : https://magecomp.com/free-magento-extensions.html

Re: SUPEE-5344 reporting issue

Thank you for your responses. I did a diff on all patched files and no difference so looks all good.

 

What was odd is that we kept reading and removing the magento mails yet they kept coming back. In one blog it sounded like Magento was scannign shops and sending those messages targeted..

Re: SUPEE-5344 reporting issue

In one blog it sounded like Magento was scannign shops and sending those messages targeted..

== No no, It is just notification, actually it is really very important to apply the patch to keep your secure your Magento store and that's why they are sending again and again.

Found something useful, please give "Kudos" or "Accept as Solution" for Token of Appreciation.
Free Magento Extensions : https://magecomp.com/free-magento-extensions.html