Update

Prepare

Backup

Backup the files + database. Don’t skip it.

Enable maintenance mode

Uncomment this within .htaccess file.

#################################################
# GravDept:
# Enable maintenance page.
# Add your IP address to allow access.

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_URI} !/maintenance.html$
RewriteCond %{REMOTE_HOST} !^255\.255\.255\.255
RewriteRule $ /maintenance.html [R=302,L]

Update via filesystem obliteration

This is my preferred process now. It’s the fool-proof nuclear option. It’s easier to do locally, and then deploy all the filesystem changes at once.

# Move entire filesystem into a temporary folder.
# Don't forget hidden files (.htaccess).

# Copy archive of new Magento release into root

# Unzip the archive
tar -zxvf magento-1.x.x.x.tar.gz

# Move custom files back into application:
#
# app/code/community/
# app/code/local/
# app/design/adminhtml/
# app/design/frontend/
# app/etc/local.xml
# app/etc/modules/
# app/locale/en_US/
# media/
# skin/adminhtml/
# skin/frontend/
# .gitignore
# .htaccess
# favicon.ico
# +++ any loose files in the root

# Use `git status` to spot missing custom files
# You should only see diffs on core files

# Reset permissions
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;
chmod 550 mage
chmod o+w var var/.htaccess app/etc
chmod -R o+w media
chmod 755 cron.sh
chmod 640 app/etc/*.xml

# Replace .htaccess with Nexcess version.
# Keeps things tuned properly.

# Clear cache
cd var/cache
rm -rf *

# Visit site in browser to trigger database update

Update via “mage” command line

DEPRECATED — Do not use this method. The mage tool used to be my preferred method. Since Magento Community 1.9.2.x it consistently fails to update some modules, which leaves the installation incomplete or broken. I don’t trust this method anymore.

More info on mage failure: http://stackoverflow.com/a/33716061/1497746

# Set upgrade config
chmod 550 mage
mage mage-setup .
mage config-set preferred_state stable

# List updates
mage list-installed
mage list-upgrades

# Install updates
mage install http://connect20.magentocommerce.com/community Mage_All_Latest --force
chmod 550 mage
mage upgrade-all --force

# Reset permissions
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;
chmod 550 mage
chmod o+w var var/.htaccess app/etc
chmod -R o+w media
chmod 755 cron.sh
chmod 640 app/etc/*.xml

# Replace .htaccess with Nexcess version.
# Keeps things tuned properly.

# Clear cache
cd var/cache
rm -rf *

# Visit site in browser to trigger database update

Disable cipher check

Since Magento Community 1.9.2.0, the mage tools fail on Nexcess servers because the TLS cipher checks assume curl was compiled against SSL. Servers running RedHat/CentOS are compiled against NSS. More Info

Comment this line out. It may be re-enabled automatically during the update. Reverse the comment when finished updating.

// File: downloader/lib/Mage/HTTP/Client/Curl.php
// Line: 377

$this->curlOption(CURLOPT_SSL_CIPHER_LIST, 'TLSv1')

Reference