Havouza

After calming down from the shock to find 97000 htaccess files in your shop and realizing that 1 shop is gone we now have starting to rebuild shop 2 with the content of shop 1, a task that will take a while because it is 1200 products. But at the same time we will now get a shop up to date with latest versions of everything. But it takes a while to realize that your waorst enemies is not on the outside but on the inside. Anyway I jst wanted to mention that in this new shop we have abandoed both Google analytics and gmail. GA because they use the collected info for marketing. Not just your info, but the info from all your customers as well. Google are now involved in more than 200 court cases because of it. Gmail we abandoned for the same reason partly. They scan f.ex order emails for marketing info, but its becoming more and more hopeless to send attachments. F.ex my business partner the other day bought the prestashop importer module, downloaded it and wanted to send it to me for installation. Not possible, gmail blocked the zip-file. So now we have changed smtp provider and also installed Matomo instead of GA. I cant have Matomo installed "inhouse" so we decided to go with a colleuge who runs both email servers and a Matomo server. If anyone is interested their website is https://mediasafe.pro. A mail account for smtp relay is not free but we can live with 1 € per month for 1000 mails. On the other and a "free" gmail account you pay with your privacy We have used TB since version 1.01, it has been ups and downs, but for the moment it seems stable. Hope it will stay that way also in the future. We have learned our lesson the hard way, but life is about learning. Anders Yuran

Before we bought this one we used one called BA. When update shop to 1.4 the module stoppe working and there was no update for the module. Now there is so we will buy that instead.

https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-simpleimportproduct.md Note : The author has moved its exposed ajax script which suffers a critical issue, to the front controller under an unpredictable token. It's no longer a critical vulnerability issue, but be warned that it remains a high vulnerability issue with a CVSS 3.1 score 7.2/10

If you read the advisory board statement they still say there is security issues with it. Then I dont buy the way it is sold. No updates even under the short 3 months support. never again Choose a license: Regular module 99.00 € 3 months of free support module installation included upgrades and future features Advanced License recommend 135.00 € 12 months of free support module installation included upgrades and future features

Why should I buy the culprit module one more time. Even if it is updated it is still not safe

@30knees what do you mean? The module is uninstaled and scrapped from the system. Thats why I ask for a similar one without security flaws. Inporting csv files is not really an alternative

Anyone knowif there is any other modules out there that do the same job. Even the latest version dont feel very safe now

OK worked. Case closed

Normally in an smtp client you can set the sender address. I can understand that the mail server will not accept the gmail address as sender address so I will test with changing the sending mail in the shop

Changed provider to a relay just to be sure. But same result, now say email sent but no email arrive

Looking at sender of this emails the shop say [email protected] From where comes this settingg

Now I got some strange error Failed to send email: SMTP Error: The following recipients failed: [email protected]: <[email protected]>: Recipient address rejected: Sender is not same as SMTP authenticate username

Settings seems ok, its our own mailserver and it has no issues, has about 500 accounts

Well has installed the module, configured it, sent testmail which say its sent but it never arrive

I have upgraded one shop to the latest stable tb but when I want to configure the email I cant choose any transport, it just tell me to install some module for that. But I am not interested in f.ex mailchimp, we have our own pro email server.

Changed. It should ofc be 12 hour old backup

I have a 12 hour old backup but that is no use, Its also infected. The hack happened 20-08 it seems, that is the date of all the htaccess files. But I think we have found the security hole, its a module called simpleimportproduct from prestaworks. It has not been updated and when I asked the developer he say that our version has security problem. Unfortunately It was to late to update. The best thing now seems to be to delete the shop and start fresh. lesson learnned

After 7 years we have had our shop hacked. How I have no clue about but it is a fact Looking for suspicious files I find 97271 .htaccess. And many many other. So that shop has to be rebuilt, not an easy task with 1600 products. We have 2 shops on the same server but the other one seems ok Just a warning

Or if I can get a new 1.4, first transfer to that one and then update if the error is goene

@datakick no one seems to be able to find what is going wrong, had a php programmer have a look but no progress. Now I want to test another road if it is possible. If I spin up a new TB 1.5.1 in a new vps, would it be possiible to then move database and necessary folders over? Som questions. Is there a big difference in the DB between 1.4 and 1.5? Seems so. our 1.4 has 339 tables. Our 1.5.1 shop has 358 tables Which folders should be copied? More than image folders?

Thank you, that did the trick. I did not understand that @datakick meant to change the code. But now it works! Thanks

Where do I find the module? PS addon shop?

What is Mollie

@datakick sorry I ask you directly but you seems to know a lot. Would it be possible to let a freelance php programmer update the module so it work also with newer php and 1.5.1 TB.? We have it working on the other shop on php 7.4 but that shop is still on TB 1.4 because its not possiblem to update it.

Not if it comes from a corrupt file somewhere. The problem is that i cant update the shop because of it and perhaps repaired it