Demo

討論

保持飢餓,保持愚笨 (Stay hungry, stay foolish)。 史蒂夫·賈伯斯

公告

本網站已取消討論區的討論方式,如果您有問題請至LINE群行動條碼圖片網址,或Facebook社團

知名的購物程式Prestashop被駭~

  • 羽城君拉
  • 羽城君拉 的個人頭像 Topic Author
  • Offline
  • 管理員
  • 管理員
More
2011-08-26 15:53 #20717 來自 羽城君拉
羽城君拉 created the topic: 知名的購物程式Prestashop被駭~
昨天接到官方的安全警告email,看起來災情慘重,有用的朋友記得要注意一下。
:XD:
Last night, the PrestaShop’s official website, prestashop.com, was hacked, resulting in the misappropriation of a script intended for transcribing news information in the Back Office of PrestaShop stores.

The entire PrestaShop team dedicated ourselves to identifying and fixing this issue as quickly as possible. That fix has been completed.


Has my shop been infected?

This only affects PrestaShop versions 1.4/1.4.1/1.4.2/1.4.3/1.4.4, but not all shops using these versions are necessarily affected

If you use one of these versions, please check for any of the following symptoms:

A her.php file is at the root of /modules folder
A .php file different from index.php is in the upload and download folders
Your footer.tpl file has been modified
Your tools/smartyv2 folder is missing


If you fulfill one of these conditions, your shop may have been infected. However, it is easy to fix just by following the instructions listed below.


What should I do?

1.Change your database password (or contact your webhost if you do not know how to do it). Once you have done that, open the settings.inc.php file in your /config folder and replace your old password with the new one. See below:
2.Download the fix published by PrestaShop available on http://addons.prestashop.com/fr/herfix/
3.Upload it to the root folder of your shop with your FTP client (Filezilla, Transmit…)
4.Go to the url http://www.myshop.com/herfix.php
5.The fix is now applied. Please do not forget to delete the herfix.php file previously uploaded at the root of your shop
6.Rename the admin folder
7.Change the password of all admins of your shop



If you need any help or have any additional questions, you can email us at security@prestashop.com . You will receive an answer at the soonest.

The whole PrestaShop team wants to deeply thank the community for its help in identifying this issue.

...

Please 登入 to join the conversation.