TimPrestaNL Posted February 7, 2022 Share Posted February 7, 2022 Hi, I'm facing issue's with one of my webshops for a while now, my webshop keeps getting hacked every night at around the same time. The hack creates an .htaccess and index.php file in the public_html folder which causes my website to break... The line that is added is the following: Index.php: **** removed **** .Htaccess <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L] </IfModule> I recovered a backup, cleared up all the code and updated all modules, theme and prestashop. This however didn't fix anything.. (Afterwards I recovered prestashop and my theme back to the older version because the site kind of broke..) I figured the .htaccess file and the index.php file both still get created when I empty the whole public_html file... Other sites (not prestashop) on my hosting are not effected. The hack also seems to create folders with random names like '5fd9302df' this however was fixed when I updated all my modules. However, a folder in my public_html named 'css' with the file index.php in it still gets created each time.. Can anybody help me with this, or point me in the right direction on how to fix this? It seems like this is the japanese keyword hack, but I just can't figure out what cases this.. Luckely enough the site wasn't launched yet for our customers.. Thanks in advance! Link to comment Share on other sites More sharing options...
PrestaHeroes USA Posted February 7, 2022 Share Posted February 7, 2022 Post in job section for help or contact a PS agency. Link to comment Share on other sites More sharing options...
SmartDataSoft Posted February 8, 2022 Share Posted February 8, 2022 Hello, Which PrestaShop version you are using. Try to use latest PrestaShop version and also updated php version. You can check if their is any old module in your site. All modules also need to update. If you are unable then you can contact any good web agency what is suggested by El Patron . Thank you Link to comment Share on other sites More sharing options...
PrestaHeroes USA Posted February 8, 2022 Share Posted February 8, 2022 make your .htaccess read only... one cheat, have up to date virus program on your desktop, then using ftp download your site files, your virus protection may catch the hack.... Link to comment Share on other sites More sharing options...
TimPrestaNL Posted February 9, 2022 Author Share Posted February 9, 2022 Thank you El Patron and SmartDataSoft for your replies! I'm updated to the latest version of prestashop and all modules are up to date as well. Sadly enough this, or making the htaccess read only didn't work. No hack is catched either when downloading the website to my pc. I think it has something to do with an outdated module, that doesn't get any updates anymore. I will try to contact to hire a specialist that hopefully can fix this. Thank you for you kind answers and help! Link to comment Share on other sites More sharing options...
daniel_caldarus Posted March 6, 2022 Share Posted March 6, 2022 hello, how did u solved this? Link to comment Share on other sites More sharing options...
PrestaHeroes USA Posted May 13, 2022 Share Posted May 13, 2022 We have had for long time PrestaVault PrestaShop Cybersecurity module https://www.prestashop.com/forums/topic/1064011-prestavault-prestashop-cybersecurity-protection-module Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now