fusioneat Posted May 27 Share Posted May 27 Hi everyone, I'm having a serious issue on my PrestaShop 1.7.6.9 installation when trying to edit a brand (manufacturer) from the back office. Whenever I click "Edit" on a brand, I’m redirected to the warning page: "Token not valid" And even if I click "Yes, I understand the risk", the page just reloads without allowing any modification. No changes can be made. In some cases, I also receive an "Invalid token" error. PrestaShop version: 1.7.6.9 and PHP version: 7.3 Back office URL: /adminXXX/index.php/sell/catalog/brands/... What I've already tried: Changed browser (Chrome, Firefox, Edge, Safari) Cleared browser cache and cookies Cleared PrestaShop cache from the back office This is the url when i try to modify a brand: https://www.fusioneat.it/admin123/index.php/security/compromised?uri=https%3A%2F%2Fwww.fusioneat.it%2Fadmin123%2Findex.php%2Fsell%2Fcatalog%2Fbrands%2F241%2Fedit&_token=E7RKITYIRwL3AwzDUwTbHRxQVRPRvVqVtn3K37Vp_2A PrestaShop 1.7.6.9 (PHP 7.3) Thaks in advance Link to comment Share on other sites More sharing options...
Prestashop Addict Posted May 27 Share Posted May 27 Your actual PHP version is not supported by your PS version. You should downgrade to PHP 7.2. Link to comment Share on other sites More sharing options...
fusioneat Posted May 28 Author Share Posted May 28 Same problem with PHP 7.2.. Link to comment Share on other sites More sharing options...
El Patron Posted May 28 Share Posted May 28 This behavior is not native to PrestaShop. It strongly suggests: There is either a security module or override installed, Or your PrestaShop install may have a custom security feature (possibly added by your host, a previous developer, or a module). 1. Check for Security Modules Go to Modules > Module Manager in your back office. Look for modules like: "Security" "Admin Security" "Access Control" "Back Office Guard" Anything with "Firewall", "Protector", "Secure", "Admin Tools", "Security Patch", "Compromised", etc. Disable these modules one by one, then clear cache and try to edit the brand again after each. 2. Look for Custom Admin Overrides Check these locations in your shop’s files for anything related to "security" or "compromised": /override/controllers/admin/ /controllers/admin/ /admin123/ (your custom admin folder) /modules/ 3. Search for any files that contain "compromised" in their name or content. Check .htaccess or Custom Redirects Open your .htaccess file (in your shop root and in /admin123/). Look for any custom rules involving /security/compromised or blocking certain URLs. 4. Check Host Security Tools Some web hosts (especially Italian and Spanish hosts) add their own admin/back office protection (like [SiteGround’s SG Site Scanner, Aruba Security Suite, etc.]). If you see any such tool in your hosting panel, temporarily disable it and re-test. 5. Look for Hacked Files Although this could be a genuine security module, sometimes this redirect is a result of a hack or infected override to block admin activity. Check if any recent files were modified in /admin123/ or /override/ or /modules/. Look for new or unfamiliar files (especially with random names or that appeared recently). Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now