ricky11 Posted January 28, 2014 Share Posted January 28, 2014 i loaded up my BO this morning, and found the very top line contained the word "no" screen shot enclosed. I know the BO pulls data from prestashop servers and inserts Advertisements and other things from time to time (wish i knew how to disable this) but is anyone else experiencing this top line "no"... i am using 1.5x second to latest version.. thanks! well, before i could attach it, i refresh the page and the "no" dispersed... so now i KNOW this is being caused by some external code being called by prestashop.... what else do they have access to? can someone shed some light on this? Link to comment Share on other sites More sharing options...
El Patron Posted January 28, 2014 Share Posted January 28, 2014 if you have concerns about the integrity of your shop files the first thing to do is change your ftp password(s)...delete any old ftp credentials not in use then make sure you have a good up to date anti-virus program, using ftp download your shop files. anti-virus will catch what it can at download the other thing to do is (using ftp) look for recently updated files, look in folders etc looking for 'newer' file time stamps. then check folder | file permissions to make sure you are not 'open' to hacking when you get your shop secured the your will be ready to secure your shop with my PrestaVault module. http://www.prestashop.com/forums/topic/303132-module-prestashop-virus-monitor/ Link to comment Share on other sites More sharing options...
ricky11 Posted January 28, 2014 Author Share Posted January 28, 2014 Good tip, I will checkout your module. I disabled FTP access few days ago, so i dont think anyone could log on, only way is directly in to BO. I logged in to my cpanel filemanager and listed the contents of public_html/myfolder/ and found the latest modified file was error_log I didn't even know this file exisits, i must have turned on error logging. I dot know wihch other folder to look at to see what may have been modified. if the hacker modified the BO top line, which file would that be? Is it not possible that this was done on prestashop's side, because i know the BO makes request to check for latest versions and other things. perhaps i was the only one so far to catch it? "no" was on the topline, very strange. Anyway i went thru the error log and found the following being repeated over and over again, this might be for another post, but it may be related i dont know. [08-Dec-2013 22:12:04 Hongkong] PHP Warning: Invalid argument supplied for foreach() in /home/myfolder/public_html/modules/gamification/classes/Advice.php on line 96 i have about 1000 lines of the same thing. Ricky Link to comment Share on other sites More sharing options...
El Patron Posted January 28, 2014 Share Posted January 28, 2014 error_log is typcial as it's updated, well whenever php wants to send an error log there. good to review this at least once a week if nor more...some hosting panels will email it to you automatically re php warning, its just that..it does not stop the script...you can modify the level of reporting in congif/settings.inc.php for some reason in 1.5.6 or there. or choose to debug as you like as for looking at files/folders time/permissions, look at everything but cache folder as for what code it could be in...that is an easy question for a hard question probably nothing more than a poorly written module that is leaking text when it should not Link to comment Share on other sites More sharing options...
Recommended Posts