Site hacked- Presta shop 1.0.

[pb4sc]

I run two instances of presta shop. Yesterday, one was hacked, and had a background of a skull. I had my host restore it, and I immediately made a back-up. Today my customer had a presentation for a potential client. When he pulled up the website to seal the deal, a devil page came up. His exact comment to me was "I don't know whether to laugh or cry." Needless to say he is not too happy. I ran an acunetix scan it found 27 cross scripting vulnerabilities on the site. I am running Prestashop 1.0 What is the best way to attack this, so I can prevent it from happening again??

Thanks
pb4sc

[rocky]

I suggest that you upgrade to a newer version of PrestaShop. Why are you using such an old version? There have been many security fixes since PrestaShop v1.0 was released. I suggest that you also change the passwords of your site and make them as strong as possible. Also, run a virus scanner on your computer to make sure there are no keyloggers installed that would reveal your new password. If you are on a shared server, you may want to upgrade to a dedicated server so that your security doesn't depend on the security of other people's websites.

[Bruno Leveque]

Hi pb4sc,

Be careful because in most cases the "defacements" are due to some virus on the computer of the person accessing the FTP.

I therefore agree with the opinion of Rocky and suggest you check this too.

Regards,

[pb4sc]

Thanks Rocky and Bruno. I will do all that you suggested, and keep you updated.