As we promised, in today’s edition you will get a clearer view of a PrestaShop theme that you have to avoid.
When creating a new site, one of the first steps is choosing a theme. As there are very many options, chances are small to choose exactly the theme most vulnerable to hackers. The theme we are talking about specifically and which you need to avoid is Warehouse, one of the best selling PrestaShop themes.
The theme is very popular and sold on the ThemeForest market but is not at all safe for your PrestaShop site. It has modules containing serious security flaws. The first vulnerability was found in the Image Banner module, but there are other modules that seem to be problematic:
PRODUCT PAGE ADVERTS
After the launch of the theme, nearly 30 people were found whose sites were broken, there were sites that were totally deleted, and we met cases where the sites were turned into phishing or spam pages. It has been discovered that there is a tool by which, the theme is detected and hackers immediately attack vulnerable files.
How can you repair a broken site?
There are two ways to repair the hacked or vulnerable site, you can do it yourself, but you can also get help from experts. If you aren’t very well prepared technically, it would be better to hire an expert to clean the site, sometimes you can do more harm than good to try on your own.
As mentioned in Part 1 of the article (Read here)if you have a backup of the files and the database you can ease the work. By restoring it, you will be able to get rid of files that have been hacked. Of course, it would be best to have a “fresh” Backup, not to lose information such as orders, customer accounts, and new products.
Another way is to manually clean the site. You or the expert should start by running anti-virus software, and then you have to filter the files that have nothing to look for in the basic PrestaShop files. Manual cleaning of a site is a tiring process, the entire site must be scanned manually by someone who knows about PrestaShop and knows what files should be there. At the same time, you have to look at the files so you can see what they are doing. It could connect to other files on your server and if you delete them you can spoil your site even more. Unfortunately, at these times, there is no easier and faster way to repair a hacked site.
In these moments, no one can offer you a way to protect yourself 100% of hackers. But you can reduce their ways of reaching your site by choosing modules and themes that you have the utmost confidence in. If your site will be targeting an attack like this, you need to be prepared to reduce the loss caused.