Prestashop index.php Compromised: Symptoms, Causes & Fixes
Contents of This Guide
Symptoms: PrestaShop index.php Hack
Users visiting your Prestashop store are being redirected to malicious sites.
Defacement of the index.php page.
Multiple pop-ups or malicious adverts appear on the index.php page.
The index.php page is asking users to install malware.
Gibberish content appears on the index.php page or something appears to be broke.
The index.php page becomes bulky and loads slowly.
Causes: PrestaShop index.php Hack
Vulnerable Upload Module
Weak File Permissions
Outdated Modules and Files
Remedies: PrestaShop index.php Hack
- Firstly, put your Prestashop site into maintenance mode before repairing index.php.
- Change all the passwords to random and secure ones.
- Look for malicious code inside the index.php file. If you are unable to figure out what the code does, simply comment it out or contact experts.
- Look for base64encoded code inside the index.php file and decrypt it using online tools.
- Remove the malicious code in the index.php file and any other files.
- Set the permissions in Prestashop to 755 for folders and 644 for files 664
Remove any suspicious or unreputed Prestashop modules, there are plenty of alternatives available.
Make sure to update to the latest version of Prestashop.
Finally, take your Prestashop store out of maintenance mode.