WebCitz Blog


Upgrade to Magento 1.8.1.0 via SSH

This Magento upgrade tutorial will help guide you through the process of updating / upgrading your Magento installation from 1.4+ to 1.8.1,0. which was released on Dec 11, 2013. For the purpose of this tutorial, we will assume you have access to SSH on your hosting account. You should always create a backup of your entire website/database before proceeding with an upgrade and never perform these steps on a live store. Please be sure to obtain updated files from the authors of any Magento extensions you have installed on your website.

  1. Change to your Magento installation directory:
    (swap “username” below for your account’s username, or change the entire path to match your absolute URL)

    cd /home/username/public_html
  2. Download Magento 1.8.1.0 from MagentoCommerce.com:
    wget http://www.magentocommerce.com/downloads/assets/1.8.1.0/magento-1.8.1.0.tar.gz
  3. Extract the archive:
    tar -zxvf magento-1.8.1.0.tar.gz
  4. Change to the directory created during extraction:
    cd magento
  5. Turn off file replacement prompts:
    unalias cp
  6. Copy the Magento 1.8.1.0 files over your existing files:
    cp -rf * /home/username/public_html
  7. Change back to your Magento installation directory:
    cd ../
  8. Remove the empty folder
    rm -rf magento
  9. Optional: CHMOD all files to 644:
    find -type f -name ‘*.*’ -exec chmod 644 {} \;
    Optional: CHMOD all folders to 755:
    find -type d -exec chmod 755 {} \;
    Optional: CHOWN all files/folders:
    chown -R username:username *

Joomla 3.2.3 Update

Please know that Joomla has released a security update for Joomla versions between 3.1.0 and 3.2.2. Please update to version 3.2.3 at your earliest convenience. If you are interested in having our team implement this update, please contact us.

  • Severity: High
  • Versions: 3.1.0 to 3.2.2
  • Exploit type: XSS Vulnerability
  • Issues: Inadequate escaping leads to SQL injection vulnerability. Inadequate escaping leads to XSS vulnerability in com_contact. Inadequate escaping leads to XSS vulnerability. Inadequate checking allowed unauthorised logins via GMail authentication.