I am getting Parse error: syntax error, unexpected 'class' (T_CLASS) in /home/my_site/public_html/patch.php on line 266
I have read through several documents and also tried to install original htaccess and I'm still getting this error. Any help is greatly appreciated.
Can you post the code for the patch.php file you are using, not come across that file before.
I had problems installing patch on 220.127.116.11 my path to solving it is as below.
Magento Patch Security-patch-6788 - Updating from 18.104.22.168
Download patch from https://www.magentocommerce.com/download
Upload via ftp to the root of your magento install
domain.com/httpdocs or domain.com/htdocs or similar
Download 22.214.171.124 full download from the Release Archive page here https://www.magentocommerce.com/download
Copy full the /dev folder up to your magento install and overwrite what is there.
Rename your own htaccess file and copy both .htaccess and .htaccess.sample from the 126.96.36.199 download.
then run the patch file.
Compare and update your .htaccess file from your renamed .htaccess file
Update your cron task.
check it - >crontab -l
edit it - >crontab -e
type ‘i’ to edit/insert
add in below line
*/5 * * * * php /var/www/vhosts/domain.com/httpdocs/cron.php
press escape (top left of keyboard)
type :wq (this means write file then quit)
screen should say ‘crontab: installing new crontab’
If you would like to monitor your cron tasks for a particular magento site, please check the following links.
Once it runs successfully, make sure you update your custom template files as per here. https://gist.github.com/gwillem/dd421fef3a6370097a93#file-6788-diff-L2518
change your admin and downloader dir names or restrict via htaccess - https://support.hypernode.com/knowledgebase/how-to-protect-your-magento-store-against-brute-force/
And then start the process of cataloging all the extensions that need the admin flag updating http://pastebin.com/n4Tp8R6R
I uploaded the entire patch folder and the patch worked. I checked my site at https://www.magereport.com/scan/ and it says the patch was applied.
Two areas not secure are Unprotected development files
I read to fix this by Restrict Admin Access To Only Approved IP Addresses
This can be achieved via .htaccess
Deny from All
Allow from 10.10.10.0/24
The fix they say did not work
order deny,allow deny from all allow from my ip
can you please tell me how to secure these two areas?