Prestashop index.php Compromised: Symptoms, Causes & Fixes
Contents of This Guide
Symptoms: PrestaShop index.php Hack
- Users visiting your Prestashop store are being redirected to malicious sites.
- Defacement of the index.php page.
- Multiple pop-ups or malicious adverts appear on the index.php page.
- The index.php page is asking users to install malware.
- Gibberish content appears on the index.php page or something appears to be broke.
- The index.php page becomes bulky and loads slowly.
Causes: PrestaShop index.php Hack
Vulnerable Upload Module
Weak File Permissions
Outdated Modules and Files
Remedies: PrestaShop index.php Hack
- Firstly, put your Prestashop site into maintenance mode before repairing index.php.
- Change all the passwords to random and secure ones.
- Look for malicious code inside the index.php file. If you are unable to figure out what the code does, simply comment it out or contact experts.
- Look for base64encoded code inside the index.php file and decrypt it using online tools.
- Remove the malicious code in the index.php file and any other files.
- Set the permissions in Prestashop to 755 for folders and 644 for files 664
- Remove any suspicious or unreputed Prestashop modules, there are plenty of alternatives available.
- Make sure to update to the latest version of Prestashop.
- Finally, take your Prestashop store out of maintenance mode.