tivicrdotcom Posted October 26, 2023 Share Posted October 26, 2023 (edited) Hello fellow Geeks, We are running 6 prestashop stores on the 8.1 latest version, every morning we are facing the same issues. 1. Front Office works. 2. Back Office doesn't because is missing file Symfony/Component/Cache/Traits/PhpFilesTrait.php so no biggie, we upload the file again and voilá, access to BO is granted again. 3. Now we navigate through the BO but whenever we click on any admin link it returns another error, this time because is missing vendor/twig/twig/src/Environment.php so no biggie again, we re-upload it and everything is smooth until the next morning. We are noticing some weird time logs on our server at 4:38:21 am Anybody has any clue of what's going on? Thanks in advance! regards, AJ Edited October 26, 2023 by tivicrdotcom added an image (see edit history) Link to comment Share on other sites More sharing options...
tivicrdotcom Posted October 30, 2023 Author Share Posted October 30, 2023 Same issue everyday, so, is there a way to maybe automatically schedule those files to automatically upload every morning? I would just need to upload the index.php main file, also this one Symfony/Component/Cache/Traits/PhpFilesTrait.php and this one vendor/twig/twig/src/Environment.php Link to comment Share on other sites More sharing options...
Nickz Posted October 30, 2023 Share Posted October 30, 2023 Where do you host? In some hosts staff likes to make extra money. Link to comment Share on other sites More sharing options...
tivicrdotcom Posted October 30, 2023 Author Share Posted October 30, 2023 Greetings Nickz, appreciate your response. Currently, we're using Godaddy shared hosting, but we're in the process of transitioning to a VPS within Godaddy. This move allows us greater server control and enables us to implement additional security measures like antivirus and firewall protections for our websites. Surprisingly, we hadn't considered the possibility of unfair practices by hosting companies, but I suppose anything can happen. We've conducted a site scan, and it revealed no spyware or vulnerabilities. However, it's conceivable that something might be infecting our site from within. regards, AJ 1 Link to comment Share on other sites More sharing options...
Nickz Posted October 30, 2023 Share Posted October 30, 2023 2 hours ago, tivicrdotcom said: We've conducted a site scan, and it revealed no spyware or vulnerabilities what does your access log give away? Also in the BO you have acces to logfiles. Link to comment Share on other sites More sharing options...
idnovate.com Posted October 31, 2023 Share Posted October 31, 2023 Maybe these files are removed by an antivirus? Link to comment Share on other sites More sharing options...
tivicrdotcom Posted November 2, 2023 Author Share Posted November 2, 2023 On 10/30/2023 at 4:30 PM, Nickz said: what does your access log give away? Also in the BO you have acces to logfiles. Nothing weird, no warnings or errors. Link to comment Share on other sites More sharing options...
tivicrdotcom Posted November 2, 2023 Author Share Posted November 2, 2023 On 10/31/2023 at 10:45 AM, idnovate.com said: Maybe these files are removed by an antivirus? We don't have an antivirus running on the shared server. Link to comment Share on other sites More sharing options...
tivicrdotcom Posted November 2, 2023 Author Share Posted November 2, 2023 We've successfully backed up all 4 Prestashop stores, downloaded them to my PC, and scanned them with antivirus software. Fortunately, no Trojans or spyware were detected, or they might be well-hidden. Tomorrow, our plan is to migrate them to the VPS. We'll be installing fresh copies of Prestashop and transferring the backed-up stores to the new server. However, there's a concern with this process: if there are any hidden instances of spyware, they might also be copied over because we can't identify the source of the problem. The issue persisted on the shared server; every day, the index.php file size becomes zero, .htaccess files get corrupted, and the files Symfony/Component/Cache/Traits/PhpFilesTrait.php and vendor/twig/twig/src/Environment.php disappear. We'll update tomorrow. Link to comment Share on other sites More sharing options...
idnovate.com Posted November 2, 2023 Share Posted November 2, 2023 Have you run this script? https://www.prestashop.com/forums/topic/1067200-hack-prestashop-sur-la-page-de-paiement-nettoyage/ Link to comment Share on other sites More sharing options...
Nickz Posted November 2, 2023 Share Posted November 2, 2023 10 hours ago, tivicrdotcom said: Nothing weird, no warnings or errors. Access log: GET and a file which is part of the inner workings is someone sniffing for holes. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now