https://magento.com/security/best-practices/security-best-practices
Download security patch from https://www.magentocommerce.com/download as per your version and run the patch
Security Check http://magento.com/security-patch
https://magecomp.com/blog/how-to-install-supee-7405-with-or-without-ssh/
https://magentary.com/kb/install-supee-7405-without-ssh/
https://github.com/brentwpeterson/magento-patches/tree/master/CE1.9
How to Apply and Revert Magento Patches
http://devdocs.magento.com/guides/m1x/other/ht_install-patches.html
https://support.hypernode.com/knowledgebase/how-to-apply-magento-patches/
Scan your Magento shop for known security vulnerabilities
https://www.magereport.com/
How to recover a hacked Magento shop
https://support.hypernode.com/knowledgebase/recover-a-hacked-magento-shop/
Updating Magento 1
http://support.hypernode.com/knowledgebase/updating-magento1/
Updating Magento via SSH
https://www.dwdonline.com/blog/how-to-upgrade-magento-via-ssh.html
http://support.hypernode.com/knowledgebase/updating-magento1/#Updating_Magento_via_SSH
https://www.kathirvel.com/magento-upgrading-magento-core-modules-via-ssh/
https://firebearstudio.com/blog/upgrade-to-magento-community-1-9-by-ssh.html
chmod 750 mage
./mage mage-setup .
./mage config-set preferred_state stable
./mage sync
./mage install http://connect20.magentocommerce.com/community Mage_All_Latest --force
php shell/indexer.php reindexall
rm -rf downloader/.cache/ var/cache/ ./mage mage-setup .
Error:
channel-add: Channel 'community' already exist!
Solution:
in the magento directory :and
./mage channel-delete community
./mage mage-setup
Then add the extension again via magento connect
Go to “downloader” folder and delete the file “cache.cfg”. Then go back to Magento Connect and retry
==========================
Fatal error: Call to a member function setData() on boolean in app\code\core\Mage\Adminhtml\controllers\Permissions\BlockController.php on line 113
......
PHP Fatal error: Call to a member function setData() on a non-object in Permissions/BlockController.php on line 113 - After Applying SUPEE-6788
http://magento.stackexchange.com/questions/89965/php-fatal-error-call-to-a-member-function-setdata-on-a-non-object-in-permissi
8788
https://support.hypernode.com/knowledgebase/magento-patch-supee-8788-release-1-9-3/
Brute force attacks?
https://support.hypernode.com/knowledgebase/how-to-protect-your-magento-store-against-brute-force/
Modify the existing
downloader/.htaccess file and add these lines to end:order deny,allow deny from all allow from x.x.x.x
/admin
/downloader
/rss/* such as /rss/catalog .should be disabled
A misconfigured webserver can leak cachefiles containing database passwords.
https://magentary.com/kb/securing-magento-cacheleak/
print("<PRE>");
echo shell_exec("sh PATCH_SUPEE-9652_v2-2017-02-07-01-18-38.sh");
print("</PRE>");
echo "Done";