How to update Magento 2 to a newer version and install the latest Security Patches

Back to Blog
How to update Magento 2 to a newer version and install the latest Security Patches

Owning and managing an online store is a big responsibility not only to your employees but also to customers. It is important for them to feel safe when shopping online and to have confidence that they can enter personal data to complete the sale. To avoid any inconvenience, it is important to have a backup for all files and the database and also to update applications and the platform whenever necessary.

Magento 2 is one of the most used eCommerce platforms in the world and one of the most secure. You probably know this if you've already chosen it for your online store. Magento has a high degree of security, both for users and for webmasters. You can install other Magento 2 extensions to make your life easier and improve security on the platform if you want, but you need to know that the basic degree of protection is sufficient. 

As we mentioned, whenever a new version of Magento 2 is available, you should update it as soon as possible. It's a fairly simple and intuitive process, so you won't have to worry. However, keep in mind that for security, you must backup your database and files.

Here's the best way to upgrade your Magento environment to a new version, step by step. For this example, we'll be using Magento Open Source, updating to version 2.4.1.

Note I: Make sure to back up your codebase and database before performing a Magento upgrade. 

Note II: Back up your .htaccess file, as it is overwritten when you upgrade.

Note III: Magento has a useful Upgrade Checklist that you should check out before moving forward with the upgrade: Update and Upgrade Checklist


Manage Packages

Step 1 - Enabling maintenance mode

To prevent unauthorized access to the store while you're updating the Magento version, it's important to enable the maintenance mode with this command:

bin/magento maintenance:enable

Step 2 - Backing up the composer file

Back up the composer.json file with the following command:

cp composer.json composer.json.bak

Step 3 - Choosing the new Magento version

Indicate the Magento version you'd like to update to. 

composer require magento/product-community-edition=2.4.1 --no-update

Note: To see a full list of available Magento 2.4 versions, you can run the following command:

composer show magento/product-community-edition 2.4.* --all | grep -m 1 versions


Update metadata

Step 4 - Updating composer file details

Update the "name", "version" and "description" fields in your composer.json file.

Step 5 - Applying the update

Apply the update with the command below:

composer update

Step 6 - Clearing cached files

Clear the var and generated directories with the following commands:

rm -rf var/cache/*
rm -rf var/page_cache/*
rm -rf generated/code/*

Step 7 - Updating the DB

Update the DB schema and data with the following command:

bin/magento setup:upgrade

Step 8 - Disabling the maintenance mode

Use the following command to disable the maintenance mode so you can check and ensure the update was successful:

bin/magento maintenance:disable

You should be done! The next step is to go ahead and check the front end of your store. If the installation was successful, it will load correctly.