Website Security

[Vinay]

Hi everyone, I have used prestashop ver 1.3.5.0 for a site which was hacked recently, I logged into my hosting cpanel and found out that all my files have been moved from public_html into a new folder called public_html.old and there was another index in the root which said that the site was Own3d by Hawk.

 

How do i secure my site and find out the flaw in the system so it could be patched. Waiting for your response.

 

P.S: i can give the developers the login to my hosting cpanel to see it for themselves. I haven't changed any files there.

 

waiting for urgent help.

 

-Vinay

[Mike Kranzler]

Hi Vinay,

This is likely an issue with a vulnerability of your hosting provider, and not PrestaShop's software.

 

Unfortunately, it appears that this person is doing this to multiple websites around the web (run a Google search for "Own3d by Hawk"), although it's hopefully just for fun (I know, that's pretty twisted, but you'd be amazed what capable hackers can do these days "just for the LULZ." However, I would change your Back Office admin URL and password right away, and then speak with your developers and hosting provider to try to determine how this happened in the first place.

 

If you would like, please post or PM me with your URL so that we can take a look at this for you, but this will definitely be something you'll need to take up with your host.

 

-Mike