Search the Community
Showing results for tags 'whitelist'.
-
I have a list of predefined whitelisted IPs from PrestaShop. Let's say Australia uses an IP address of e.g. 100.100.100.100. If this is not on the whitelist, does it mean that the user / users are blocked? Is there a way to input a single line, either "*" or "*.*.*.*", that will allow every IP? I'm just worried that someone may be visiting the website from another country and their IP is blocked. Website is https://vouchoff.com/ . I'm in Ireland, thanks and have a nice weekend!
-
Hi everyone! I am currently working with two PrestaShop (1.7.5.1) websites, one for prod and one for test (both are hosted and online). Problem is, the test website was once the production website, so even if it doesn't appear in most browsers, people with old links can still reach the test website. I managed to redirect from the test homepage to the prod homepage with basic PHP conditions, but it only works for the home page as I should put my PHP code on all my files... Does PrestaShop give an option to whitelist the whole test website so only I (and the people I work with) can access it? Thanks everyone!
-
Hello, I just got the results of the latest PCI scan of my site and it detected an issue with Reflected Cross-Site Scripting (XSS) Vulnerability. The last scan with version 1.6.0.8 did not report this issue, so it appears to be newly introduced with version 1.6.0.9. The issue exists for all of the product URLs, which are SEO-friendly URLs. E.g. if my product URL is: /productcategory/product1 the PCI scan sends: GET /productcategory/product1?<script>alert('MSG000')</script> This URL should not be accepted, but it is. I understand that this would typically be fixed by either blacklisting disallowed characters or, preferably, whitelisting allowed characters. Can this be fixed without waiting for a new version? Can I add whitelisted characters somewhere in the configuration or in the code? Also, I wasn't able to find any indication that this had been logged as an issue with 1.6.0.9, which is a little surprising. The version has been out for a while and I would think others would have had the same issue when running their PCI scans. Any suggestions would be appreciated.