AUG 05 2015

How to install SUPEE-6482 without SSH

According to announce sent on August 4, 2015 new security patch SUPEE-6482 is available for installation to cover several potential threats, one of which is critical:

August 4, 2015: New Magento Security Patch (SUPEE-6482) – Install Immediately
Today we are providing a new security patch (SUPEE-6482) that addresses 4 security issues; two issues related to APIs and two cross-site scripting risks. The patch is available for Community Edition 1.4 and later releases and is part of the core code of Community Edition, which is available for download today. Before implementing this new security patch, you must first implement all previous security patches. Download Community Edition or the patch from the Community Edition download page at

If you have no SSH access to apply the patch, you can simply upgrade your installation to Magento version which includes all the latest security patches (SUPEE-5344, SUPEE-5994, SUPEE-6285, SUPEE-6482). If Magento upgrade is not possible in the moment due to some reason you still can apply the patch via FTP/sFTP upload as shown in this article.

If you wish to save time and have us to install all these patches for you, simply click here to order installation.

SUPEE-6482 patch is not related to previous patches in any way and can be installed independently, prior to or after installation of other security patches (SUPEE-1533, SUPEE-5344, SUPEE-5994 or SUPEE-6285).

The following files are changed by SUPEE-6482:

  • app/code/core/Mage/Api/Model/Server/Adapter/Soap.php
  • app/code/core/Mage/Catalog/Model/Product/Api/V2.php

Applying Magento patches via FTP/sFTP or FileManager / File Upload

To apply patches in this way we simply replace changed files. This way can not be used blindly if you or your developers have changed any core Magento files (which is a big no-no, by the way). Such changes should be re-applied to patched files, or you loose these changes.

Before patching make sure to Disable Magento Compiler if you use it at System > Configuration > Tools > Compilation and clear compiled cache.

Patched version of these files for Magento packed into single ZIP archive: SUPEE-6482- Simply unpack it and replace files on your store by uploading app/ folder into your Magento root directory.

Patch for other versions

Older versions are patched in the same way, I am adding downloads for other versions into a single table on demand when I need to patch certain version:

Magento versionSUPEE-6482


Verify patch status at our patch tester page.

If you use PHP opcode caches (APC/XCache/eAccelerator) make sure to flush it (or restart webserver) after patching, otherwise code will continue to run from caches.

Additionally, if your store still using default /admin/ path, you may consider securing your Magento /admin/ by admin path change and restrict access to /downloader/.


If you have any difficulties with applying the patches please let us know in comments, so we can find the solution together.

Posted in: Magento Maintenance

How to install SUPEE-6482 without SSH
25 votes, 4.43 avg. rating (88% score)
  • Michel Post

    Are patches available for versions:,,,,,,,
    Thanks for the good work!

  • sahil

    Can you please also provide patch files for 1.6 and 1.7 version as i am getting issue with that.
    Patch work with one site for 1.6 version but not for other site.when i checked the code of Soap.php it’s different that’s why it’s giving error.

    patching file app/code/core/Mage/Api/Model/Server/Adapter/Soap.php
    Hunk #1 FAILED at 201.
    1 out of 1 hunk FAILED — saving rejects to file app/code/core/Mage/Api/Model/Server/Adapter/Soap.php.rej

    • sahil

      just to update that I was applying wrong patch that’s why getting issue.
      But still need all files so can use in future :)

  • Shaun Reid

    What needs to be done with get.php I overwrote the other files but Magento is still giving me the warning?

    • Daniel Marsden

      Installation of the plugin does not quash the warning message in Magento backend, this will continue after the patch.

      • Shaun Reid

        Ok Brilliant thank you for the help

  • Daniel Marsden

    @Shaun Reid Installation of the plugin does not quash the warning message in Magento backend, this will continue after the patch.

  • Dan Vince

    hi any chance of getting

  • Michel Post

    Can I use SUPEE-6482- for Magento

    • magentary

      Yes, the files are the same for

  • Bekir

    Hi, I tried to change my admin page and add captcha. When I click save, it returned to home page with no access to admin page from original admin or new admin page? I checked using ftp, local.xml is still admin. So I think adding captcha has disabled my admin entrance, can you help ?

    • magentary

      Why do you think it is caused by the patch? The only changes in the patch are for API communications, it has nothing to do with admin interface.

  • Jeffrey

    I am currently running, but after I uploaded the files with filezilla and it overwrites the file. My version still says
    I had the compiler disabled before I did the upload and I flushed the caches from Magento.

    Am I missing something?

    I read that the compiler had to be cleared, but it was disabled for some time now.

    • John Mocnik

      Some issue here. All patches manually uploaded in the right order, shop looks ok, but versionnumber still

  • John Mocnik

    Is it correct that the version numbers are not updated in the admin? still After first 5344, 5994 and today supee-6482 and last one 6482 which all looks succesfull, no errors ;-)

  • Tom

    Can I use SUPEE-6482- for Magento

    • magentary

      Yes, it is for versions between and

  • Andy

    I have installed the patch via FTP yet the Magento Security Patch Tester still thinks the patch has not been installed. Am I missing something?

  • mohammed

    does this work with – i installed patch but I’m still getting vulnerability when I do the test. I dont know how to clear the opcache.

  • adam688

    Thanks for your great work. Same question here. Can I install patch on ? Also Can I install patch on ?
    We can not upgrade our Magento to higher version, due to the high risk. Pls help us , thanks for your support.

  • stefan birca

    I uploaded the SUPEE 6482 patch but when testing with your tool it still shows it needs attention.
    Any advice?