tunilove Posted April 8, 2009 Share Posted April 8, 2009 hi after installation all was ok i mange to add product setup shipping and payment all ok i can accept orders but all email of order i receive my internet security system delete them and show they have virus ....... also when i try to order my self i find many links in the order process and all links take to site reported as attack sites ..... any help you can try your self here www.promosat.eu/shop Link to comment Share on other sites More sharing options...
tunilove Posted April 14, 2009 Author Share Posted April 14, 2009 no body can give attention please its big bug in presta ....... Link to comment Share on other sites More sharing options...
tunilove Posted April 14, 2009 Author Share Posted April 14, 2009 well here some screen shoot to the problem first in my account i can see link look below this link takes to this web site after in payment conformation other link take to download zip file contain virus reported by internet security program i use Link to comment Share on other sites More sharing options...
misty Posted April 14, 2009 Share Posted April 14, 2009 Hi tunilove,I don't see anything wrong with your site, I launched a Xenu report and it doesn't see all those links either.Maybe it's your computer and/or browser that is compromised. Have you tried with Internet Explorer and from another computer ? Link to comment Share on other sites More sharing options...
misty Posted April 15, 2009 Share Posted April 15, 2009 Hmmmm.. something is weird, your 404 page doesn't work properly.You should look in your .htaccess file, especially the "ErrrorDocument 404' line. Link to comment Share on other sites More sharing options...
tunilove Posted April 15, 2009 Author Share Posted April 15, 2009 thank you for the reply well the first link it was with the referral program module i uninstalled that module and i don't see that link any more ........but if you try to make order in the payment page aftrer you select for example bank wire you will see links to http://hetverkoophuis.nl/mambots/editors/mosce/jscripts/tiny_mce/plugins/searchreplace/images/viaccess2 4 ntv au.zip.html yes i test with other browser and other pc Link to comment Share on other sites More sharing options...
misty Posted April 15, 2009 Share Posted April 15, 2009 OK so you've really been hacked.Your bankwire directory is readable on browsers, you should forbid that.If you look to the suspicious URLs you see "class=giepoaytr", if you google for "class=giepoaytr" you'llsee that you're not the only one in that case but some posts are quite old so I think that your problemis a general security problem that is not related to Prestashop core.Verify the permissions of your directories and that there are no .htaccess files that you don't know inyour directories. Link to comment Share on other sites More sharing options...
tunilove Posted April 21, 2009 Author Share Posted April 21, 2009 Thank you for reply i disabled the presta shop back to Osc it stable and no hack....presta is nice but too much problems and no support ............. Link to comment Share on other sites More sharing options...
Recommended Posts