For anyone looking for Magento help, there’s no better place to start than The Magento Stack Exchange: http://magento.stackexchange.com/
The Magento SE is a Q&A site for users of the Magento e-Commerce platform where questions get answered by the people who work with Magento every day.
If you have Magento 2 installed and the version is less than 2.0.4 then you should upgrade immediately to take advantage of the following security fixes:
- Server-side cross-site scripting via user name
- Reflected cross-site scripting in Authorize.net module
- Arbitrary PHP code execution using language packs
- API token access vulnerable to brute force attacks
- Web API allows anonymous access
- Weak encryption keys when generated from Manage Encryption Keys page
Magento released 2.0.3 to address these issues but released 2.0.4 last night at 9pm to fix a packaging issue with 2.0.3. You can skip 2.0.3 and go straight to 2.0.4.
Successfully upgrading to the latest Magento 2 version 2.0.4 depends on how it was initially installed.
If you installed M2 from the official release then upgrading to 2.0.4 is easy:
- Log into your Magento2 Admin with an administrator-level account
- Go to System > Web Setup Wizard
- Enter your Authentication Keys in System Configuration. I needed to get new keys for mine to work but you may not have to. If it fails then you can generate new keys here:
- Click on System Upgrade to start the Upgrade Wizard.
- Follow the steps. If it fails then you’ll have to perform the upgrade manually (see below). The bad news is that this means uninstalling and reinstalling so be sure to back up your extensions. Luckily, thanks to the way M2 is structured it isn’t very difficult to save your work. Remember to BACKUP your files and database just in case something goes wrong!
If you installed M2 using git clone from the Magento2 CE GitHub repo:
- To update the Magento software, use git pull origin and composer update
- To change versions from develop to a release version like 2.0.2, you must uninstall the Magento software and install the released version.
- To add, remove, or update components, modify composer.json and run composer update
- To reinstall the Magento software, modify the product version in composer.json, run composer update, then reinstall the Magento software
If you’ve already installed M2 2.0.3 then be sure to uninstall and then install 2.0.4 to get the full benefit of the security fixes.
More information can be found at the official Magento website.
Five years ago today I attended the MagentoU class at Magento HQ in Culver City, California. It was an intense week-long class taught by Ben Marks and Vinai Kopp. I learned a lot that week and met some really nice people! I framed the completion certificate and still have it hanging on my wall.
I have a few more that I’ve added since then:
Today, I’m spending my Saturday learning and tinkering with Magento2. I want be ready whenever the M2 Certification comes out (I’ve heard December 2016).
Facebook reminded me of this anniversary date so below are some of the pictures that I took during the 2011 MagentoU class. Time flies!