SUPEE-6788 security patch Q&A: extensions compatibility

Our customers are asking a lot of questions about the latest security patch and its influence on the performance of some modules, such as Magento blog extension, Favorite Products and more. We’ve compiled the most popular questions about the issue and answered them for your convenience.

Seeking for a solution to track all the backend activities? Try out this Magento Admin Log extension.

What is SUPEE-6788?

It’s a security patch, mainly targeted to get rid of the vulnerability, which is connected with non-default admin URLs automated attacks.

Is the patch live now?

Yes, it is.

I heard that some of my extensions are vulnerable.

No, this is a Magento vulnerability. Extensions could be only affected by the security patch.

I heard that I will experience issues with my extensions after the security patch installation.

Some extensions don’t use admin routing at all, and their performance won’t be affected by the patch.

Some extensions are using admin routing, and there are two ways of handling it.

For now thanks to the docs that Magento guys provided us with, we know that the first way of handling admin routing is perfectly okay, and the second one will cause compatibility issues with some extensions.

To ensure the correct performance of all extensions that use the second way of handling admin routing, right now we are working on updates and changing this mechanism so the extensions will work perfectly well with SUPEE-6788 (as of 27 Oct, 2015).

Amasty team is doing its best to update all the extensions within 24 hours.

Will all my extensions from Amasty be affected?

No. Since not all the extensions are using admin routing, many extensions won’t be affected by the patch and will be working as expected.

What should I do?

1. Please install the security patch: this is a crucial step to protect your store from automated attacks.

2. Please update your Amasty extensions after the patch installation. You can easily download the updated extensions in your account if your support period is valid. To know if you need to update, just look into the changelog. If there’s an update about security patch compatibility, you’ll see it right away:


Here’s the final list of extensions you should update:

  • Abandoned Cart Email
  • Admin Actions Log
  • Advanced Customer Segments
  • Advanced Permissions
  • AJAX Image Uploader
  • Blog Pro (also check security patch compatibility with Magento 2 Blog plugin)
  • Custom Address Fields
  • Customer Attributes
  • Customer Group Catalog
  • Detect Missing Pages
  • Duplicate Categories
  • Efficient Order Export
  • Email to Customers
  • Errors Log
  • Extended Order Grid
  • Extended Product Grid with Editor
  • Favorite Products
  • Follow Up Email
  • Full Page Cache
  • Generate and Import Coupons
  • GeoIP Data
  • Gift Wrap
  • Import Product Tags
  • Improved Layered Navigation
  • Mass Order Actions
  • Meta Tags Templates
  • One Step Checkout
  • Order Manager Toolkit
  • Order Memos and Attachments
  • Order Status
  • Out of Stock Notification
  • Payment Restrictions
  • Product Attachments
  • Product Feed
  • Product Manager Toolkit
  • Promo Banners
  • Promotions Manager
  • RMA
  • SEO Toolkit
  • Shipping & Payment By Customer Groups
  • Shipping Restrictions
  • Shipping Rules
  • Shipping Table Rates
  • Smart Review Reminder
  • Store Locator
  • Tier Price
  • Two-Factor Authentication
  • XML Google Sitemap

3. If you are still experiencing any issues or have questions on the case, don’t hesitate to submit a ticket for our support team.

Please note that updates for SUPEE-6788 compatibility are delivered for free.