Havouza

Before we bought this one we used one called BA. When update shop to 1.4 the module stoppe working and there was no update for the module. Now there is so we will buy that instead.

https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-simpleimportproduct.md Note : The author has moved its exposed ajax script which suffers a critical issue, to the front controller under an unpredictable token. It's no longer a critical vulnerability issue, but be warned that it remains a high vulnerability issue with a CVSS 3.1 score 7.2/10

If you read the advisory board statement they still say there is security issues with it. Then I dont buy the way it is sold. No updates even under the short 3 months support. never again Choose a license: Regular module 99.00 € 3 months of free support module installation included upgrades and future features Advanced License recommend 135.00 € 12 months of free support module installation included upgrades and future features

Why should I buy the culprit module one more time. Even if it is updated it is still not safe

@30knees what do you mean? The module is uninstaled and scrapped from the system. Thats why I ask for a similar one without security flaws. Inporting csv files is not really an alternative

Anyone knowif there is any other modules out there that do the same job. Even the latest version dont feel very safe now

OK worked. Case closed

Normally in an smtp client you can set the sender address. I can understand that the mail server will not accept the gmail address as sender address so I will test with changing the sending mail in the shop

Changed provider to a relay just to be sure. But same result, now say email sent but no email arrive

Looking at sender of this emails the shop say [email protected] From where comes this settingg

Now I got some strange error Failed to send email: SMTP Error: The following recipients failed: [email protected]: <[email protected]>: Recipient address rejected: Sender is not same as SMTP authenticate username

Settings seems ok, its our own mailserver and it has no issues, has about 500 accounts

Well has installed the module, configured it, sent testmail which say its sent but it never arrive

I have upgraded one shop to the latest stable tb but when I want to configure the email I cant choose any transport, it just tell me to install some module for that. But I am not interested in f.ex mailchimp, we have our own pro email server.

Changed. It should ofc be 12 hour old backup

I have a 12 hour old backup but that is no use, Its also infected. The hack happened 20-08 it seems, that is the date of all the htaccess files. But I think we have found the security hole, its a module called simpleimportproduct from prestaworks. It has not been updated and when I asked the developer he say that our version has security problem. Unfortunately It was to late to update. The best thing now seems to be to delete the shop and start fresh. lesson learnned

After 7 years we have had our shop hacked. How I have no clue about but it is a fact Looking for suspicious files I find 97271 .htaccess. And many many other. So that shop has to be rebuilt, not an easy task with 1600 products. We have 2 shops on the same server but the other one seems ok Just a warning

Or if I can get a new 1.4, first transfer to that one and then update if the error is goene

@datakick no one seems to be able to find what is going wrong, had a php programmer have a look but no progress. Now I want to test another road if it is possible. If I spin up a new TB 1.5.1 in a new vps, would it be possiible to then move database and necessary folders over? Som questions. Is there a big difference in the DB between 1.4 and 1.5? Seems so. our 1.4 has 339 tables. Our 1.5.1 shop has 358 tables Which folders should be copied? More than image folders?

Thank you, that did the trick. I did not understand that @datakick meant to change the code. But now it works! Thanks

Where do I find the module? PS addon shop?

What is Mollie

@datakick sorry I ask you directly but you seems to know a lot. Would it be possible to let a freelance php programmer update the module so it work also with newer php and 1.5.1 TB.? We have it working on the other shop on php 7.4 but that shop is still on TB 1.4 because its not possiblem to update it.

Not if it comes from a corrupt file somewhere. The problem is that i cant update the shop because of it and perhaps repaired it

@datakick Well now I have gone thru everything and in the end spun up a new vps and installed a backup of the shop but the error followed the backup so for me its more a TB problem than a server problem. But I cant find aany log that can explain it