by | 2 Sep 2015

7 tips to make your PrestaShop site more secure

As PrestaShop is one of the most popular eCommerce platform in Europe, it comes under the greatest number of attacks from hackers who would love to get inside your online shope to steal your customers information and credit card details,  spam your customers and conduct phishing campaigns on your behalf. Discover in this article 7 security improvements that I recommend for anyone looking to protect their PrestaShop site from hackers.

1# Never use your PrestaShop admin password for anything else

Your PrestaShop Admin password should be 100% unique, you should never use the same password you do with other sites. Too often, a hacker will get access to your usual password and use it to hack your PrestaShop site. Don’t let this happen to you.

2# Require HTTPS/SSL for your PrestaShop login pages

Without an encrypted connection, every time you use your username and password, you run the risk of it being intercepted by a hacker. Read more on risks and how to enhance your consumer confidence with HTTPS/SSL. You should enable HTTPS/SSL on your PrestaShop to avoid these risks.

3# Make sure that your PrestaShop is upgraded to the latest version

It is quite important to keep your PrestaShop updated and patched. This may seem obvious but it’s an important reminder! When was your last update? Indeed, it is important to note that a new version of PrestaShop can provide security updates in addition to fixes and new features.

4# Don’t forget to apply the Security Patch Module for your PrestaShop

A Security Patch Module has been released. This module solves a security issue for PrestaShop 1.4, 1.5, and 1.6. Install this module, and it will apply the security patch that was released in late July 2015. You can learn more about the issue by reading the security announcement.

5# Only use trusted PrestaShop extensions

Generally, third party software provides additional security risks. Sometimes sites are hacked through insecure third party software. So you should install only add-ons and modules that you need and are useful for your store. If there are any modules that you don’t use and need any more, you should uninstall them. It only takes one vulnerability in one extension to provide a hacker complete access and control over your website. Please use only trusted PrestaShop extensions and be  sure to update it regurlarly.

6# Make sure to backup your PrestaShop regularly

Back up your PrestaShop on a regular basis, both the files on your account and the database. This can be down within cPanel’s Backups menu item. Just Log into your PrestaShop control panel, click on Tools and then on the DB Backup sub-tab. Now click on Create new back-up an then on the link that says You can now download the backup file and save the file to your hard disk. If your files on your web host are destroyed, your PrestaShop database takes the backup, and unless you have downloaded them, these are destroyed with them. Always download each backup file after creation.

7# Use a magic solution for PrestaShop vulnerability assessment

We learned a lot in this article about how to increase your security level. There are lots you can do to protect your PrestaShop. But there is always a way that a determined attacker can find a flaw with your security. Hopefully, there is a good online tool from OZON to assess your PrestaShop site risk level for free. At the end of the test you will see the security report and be able to patch it.  This 360 cybersecurity solution makes your online shop really secure and safe from sophisticated cyberattacks: