Jump to content
Sign in to follow this  
gonebdg - webindoshop.com

Please Read: Security Procedure

Recommended Posts

Last night, the PrestaShop’s official website, prestashop.com, was hacked, resulting in the misappropriation of a script intended for transcribing news information in the Back Office of PrestaShop stores.


The entire PrestaShop team dedicated ourselves to identifying and fixing this issue as quickly as possible. That fix has been completed.


Has my shop been infected?

This only affects PrestaShop versions 1.4/1.4.1/1.4.2/1.4.3/1.4.4, but not all shops using these versions are necessarily affected.


If you use one of these versions, please check for any of the following symptoms:

• A her.php file is at the root of /modules folder

• A .php file different from index.php is in the upload and download folders

• Your footer.tpl file has been modified.

• Your tools/smartyv2 folder is missing


If you fulfill any of these conditions, your shop may have been infected. However, it is easy to fix just by following the instructions listed below.


What should I do?

1. Change your database password (or contact your webhost if you do not know how to do it). Once you have done that, open the settings.inc.php file in your /config folder and replace your old password with the new one. See below:


2. Download the fix published by PrestaShop by clicking here

3. Upload it to the root folder of your shop with your FTP client (Filezilla, Transmit…)

4. Go to the url http://www.myshop.com/herfix.php

5. The fix is now applied. Please do not forget to delete the herfix.php file previously uploaded at the root of your shop

6. Rename the admin folder

7. Change the password of all admins of your shop


If you need any help or have any additional questions, you can email us at security@prestashop.com We will answer you as soon as possible.


The whole PrestaShop team wants to deeply thank the community for its help in identifying this issue


Original Thread dapat dibaca atau diikuti di http://www.prestasho...rity-procedure/

Share this post

Link to post
Share on other sites

Wah ini problem yg sangat serius,


Bahkan di localhost juga terinfeksi. Coba cek folder / file berikut:

1. Folder 'Upload' dan 'Download' --> cek di kedua folder ini ada file baru (kalo di computer saya: 846d10db2e9edec02585dcb93dfcb183.php)

2. Cek /theme/theme_name/footer.tpl --> cek di baris bawah sebelum </body> ada sisipan script disitu

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More