Jump to content

Malware on prestashop website.

sickshot

By sickshot
in Core developers

 Share

Recommended Posts

sickshot Explorer

sickshot

Posted
Posted

I have prestadhop 1.6  websites on my hosting and something is sending out a lot of emails.

Any advice how to fight malware in prestashop websites?

If this topic in the wrong place, admin please move it to a correct spot...

Link to comment
Share on other sites
musicmaster Mentor

musicmaster

Posted
Posted

As you are using an old version there may be some leak that the hackers are using. It will be hard to find that. But you can hope that when you cleanup the hacker won't come back.

If you have a backup from the time before the problem happened, you can download the files of the shop and then compare the file trees with a tool like Winmerge. Extra files, changed core files and dubious overrides are the obvious suspects. But you need some programming knowledge to decide what is suspect.

 

Link to comment
Share on other sites
Mediacom87 Grand Master

Mediacom87

Posted
Posted
Il y a 8 heures, musicmaster a dit :

If you have a backup from the time before the problem happened, you can download the files of the shop and then compare the file trees with a tool like Winmerge. Extra files, changed core files and dubious overrides are the obvious suspects. But you need some programming knowledge to decide what is suspect.

Unfortunately, hackers manage to deposit fraudulent codes several months before activating them, so a backup is useless in the event of a hack.

What's needed is a complete clean-up, reinstalling the source codes of the version used, then removing all useless modules, then analyzing all remaining modules, setting up a captcha on contact and registration forms, and after that, checking that the clean-up was complete.

I've written quite a few articles on the subject of security.

Link to comment
Share on other sites
musicmaster Mentor

musicmaster

Posted
Posted
8 hours ago, Mediacom87 said:

Unfortunately, hackers manage to deposit fraudulent codes several months before activating them, so a backup is useless in the event of a hack.

What's needed is a complete clean-up, reinstalling the source codes of the version used, then removing all useless modules, then analyzing all remaining modules, setting up a captcha on contact and registration forms, and after that, checking that the clean-up was complete.

I've written quite a few articles on the subject of security.

As this is an old shop it quite likely hasn't changed much in the last few years. So putting the present database on top of the files from a backup of a year ago - if they are still there - could be a quick solution. You only might need to add some pictures. And then the fortifying measures that Mediacom87 advocates.

Re-installing the source code of the version used assumes that this shops didn't change them.

 

Link to comment
Share on other sites
Mediacom87 Grand Master

Mediacom87

Posted
Posted
Il y a 3 heures, musicmaster a dit :

Re-installing the source code of the version used assumes that this shops didn't change them.

Thank you for clarifying this point, but let's not forget that it's good practice never to modify core files and only to override them if necessary.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...