Hacker problem

[Jack palumbo]

Hi guys,

I was working with a freelance. He had an access to the administrative part because I gave him the administrator permission while we were working together.

Our treat has finished so I cancelled it, but I dont now how he can login in and activate it again, so he is making changes on my page without my permission.

I would like to know how can I put a solution on this problem, I am reporting to the police this fact but while he continues making changes.

Someone knows how can I fix it?

He said after we finished that he had put on the html of my website a code, that give him the permission to changes things whenever he wants. Now I think that this thing is what gives him the permission to login it. It is possible? If the answer is yes, how can I cancel it?

[selectshop.at]

Change FTP password and database password. You can do this from cPanel. Or simply ask your provider for to get help on this.

If he loaded a malware script to your FTP, than it would be of course possible to get access. In this case you should make a rollback of an old back-up of your FTP BEFORE the time you gave him access data. Also for this you should ask support of your provider.

[Jack palumbo]

I am going to ask soon to my provider for this things, 

I have cancelled his profile like employed and all the acces to the administrative part, sales manager and translater; but he continues login in on prestashop and making changes activating another time his permissions on it.

[selectshop.at]

I presume he is logging to FTP and/or database as well. BUT as I said if he added a script, so you need to identify the script (on FTP you can identify by date/change date of script) and than delete the script.

[Jack palumbo]

I have seen now that the guy has put himselve as superadministrator, and me as administrator, so probably he is going to delete my profile and let me outside.

Any suggestion?

[selectshop.at]

In this case he has access to database. You should revert urgently your complete FTP to standard. Are you using any third party modules ? Any adaptation on code ? Any exras ? If you want I can take a look into your FTP. Perhaps I can identify some script which is not Prestashop. You can send me FTP log data by PM if you want. I don't need access to your back-office. If you send me also access to phpMyAdmin and name of the person I can check you if it is still added to database.

If you don't want third persons managing your FTP and DB I can understand. I will react by the same way. The best is to make a complete rollback from FTP to the point BEFORE you gave him access and delete (not only disable) the account of this user completely on your back-office.