Jump to content

My 1.7.8.2 site was hacked. Not sure what to do next?

bnadauld

By bnadauld
in General topics

 Share

Recommended Posts

bnadauld Enthusiast

bnadauld

Posted
Posted (edited)

Someone hacked my site and installed a quick pay paypal button on in the cart and has been directing payments to another email address.

Not sure what to do next?

 

I have taken down my site and changed all passwords

Im currently comparing a back-up of the ftp hacked site with a backup taken before the hack. Maybe this will be fruitless?

Is it best to start with a brand new bitmani instance of PS and then reimport my customer data and passwords... is prestashop manager the way to go about things?

Hope someone can help

Edited by bnadauld (see edit history)
Link to comment
Share on other sites
ps8modules Grand Master

ps8modules

Posted
Posted

hi
Oh yeah, you're out of luck.
You had problems with PS 1.6 before and now with 1.7.
A clean install is a reasonable solution.
But you have to pay attention to what modules you install, especially those that come from outside Prestashop Addons.
In the past, I also encountered a security hole in the one-page checkout, when the e-shop was hacked through the file upload field, even though the extension was disabled.

Link to comment
Share on other sites
ps8modules Grand Master

ps8modules

Posted
Posted

The fastest solution for transferring data from the database is to install a new Prestashop with the same version in the database itself and change only the table prefix. You can then copy the old tables to the new table via phpMyAdmin. And after copying, upgrade Prestashop to the latest version via the 1 Click Upgrade module.

  • Thanks 1
Link to comment
Share on other sites
bnadauld Enthusiast

bnadauld

Posted
  • Author
Posted (edited)
26 minutes ago, 4you.software said:

The fastest solution for transferring data from the database is to install a new Prestashop with the same version in the database itself and change only the table prefix. You can then copy the old tables to the new table via phpMyAdmin. And after copying, upgrade Prestashop to the latest version via the 1 Click Upgrade module.

i actually did the upgrade to get rid of onepage checkout. The ps on the new store was the latest ps build at the time but that was 8 months ago.

Thanks for the help. can you elaborate on the bit where you said "in the database itself and change only the table prefix".

Will any hacker compromised code be in the database maybe i will use last weeks back up of the sql?

 

Edited by bnadauld (see edit history)
  • Like 1
Link to comment
Share on other sites
bnadauld Enthusiast

bnadauld

Posted
  • Author
Posted (edited)

When i do the import of the db on the new store do i leave the img dir blank and do an import of all my products via csv import. or move the img dir of the old store to the new store then Regenerate thumbnails?

Do i dl the sql file then in notepad++ do a find replace for prefix ps_ to replace with eg ps_access, ps_advice etc etc

 

Untitled picture.png

Edited by bnadauld (see edit history)
  • Like 1
Link to comment
Share on other sites
bnadauld Enthusiast

bnadauld

Posted
  • Author
Posted
1 minute ago, 4you.software said:

If you import from csv, you can put a url link to the old img folder there, which you rename and leave everything to Presstashop Import. There are several ways.

then its 'just' a case of reredesigning the look of the site and add the modules?

  • Like 1
Link to comment
Share on other sites
bnadauld Enthusiast

bnadauld

Posted
  • Author
Posted (edited)
5 minutes ago, 4you.software said:

If a clean installation, then without third-party modules. T8m, if you change the prefix in the sql file, you will import the module records, which is not good.

sorry im a little confused now. Do i only copy in certain/some tables from the old store?

Edited by bnadauld (see edit history)
  • Like 1
Link to comment
Share on other sites
bnadauld Enthusiast

bnadauld

Posted
  • Author
Posted (edited)
42 minutes ago, 4you.software said:

6. these are tables:

ps_address

all ps_carier*

all ps_cart*

all ps_category*

all ps_cms*

all ps_contact*

all ps_customer*

all ps_feature*

all ps_group*

all ps_homeslider*

......

Just skip the ps_configuration tables and others that are from modules.

just one last question now im getting my head around it? if you dont mind?


Are these the only tables to copy over? so tables such as ps_image_shop, ps_page, ps_warehouse_shop need to be left as the newly installed shops tables.

Edited by bnadauld (see edit history)
  • Like 1
Link to comment
Share on other sites
bnadauld Enthusiast

bnadauld

Posted
  • Author
Posted
1 minute ago, 4you.software said:

No, copy too 😄

I didn't write all of them, the list would be long.
You have to go logically.
Say you want to transfer customers and orders.
So you copy the tables customer, cart, order ....

got it

thanks for persevering

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...