We will do everything possible to make sure our store is not the victim of a successful attack. Fortunately, the PrestaShop team takes security very seriously and issues updates and fixes as soon as possible after any problems are discovered. We just have to make sure we do everything we can and also apply the PrestaShop upgrades as soon as they are available. It is also vital that we always have a recent copy of our store, because it is probably inevitable that one day our shop will die on us. It might be a hacker, or maybe we will accidentally muck it up ourselves. Keeping a recent backup for this type of event is a minor inconvenience; without one, it is an expensive catastrophe.
So let's get on with it...
Types of security attacks
There are different types of security attacks. Here is a very brief explanation of some of the most common ones. Hopefully, this will make it clear why security is an ongoing and evolving issue and not something that can ever be 100 percent solved out of the box.
Common sense issues
These are often overlooked—make sure your passwords are impossible to guess. Use number sequences that are memorable to you but unguessable and meaningless to everyone else. Combine number sequences with regular letters in a variety of upper and lower case. Don't share your passwords with anyone. This applies to anyone who has access to your shop or hosting account.
Brute force attacks
This is when an attacker uses software to repeatedly attempt to gain access or discover a password by guessing. Clearly, the simplest defence against this is a secure password. A good password is one with upper and lower case characters, apparently random numbers, and words that are not names and are not in the dictionary. Does your administrator password stand up to these criteria?
SQL injection attack
A malicious person amends, deletes, or retrieves information from your database by cleverly manipulating the forms or database requests contained in the PrestaShop code. By appending to legitimate PrestaShop database queries, harm can be done or security can be breached.
Remote file inclusion
Attackers add instructions that pull in code hosted on another site. They do this by appending a URL pointing to malicious code to the PHP URL of a legitimate page on your site.
Self-inflicted damage
This is straightforward. It is likely that while developing or amending your website, you will mess up some or perhaps all of your PrestaShop. I did it once while writing this article. I will give you the full details of my slightly embarrassing confession later.
So with so many ways that things can go wrong, we had better start looking at some solutions.
Employees and user security
If you plan to employ someone or if you have a partner who is going to help in your new shop, it makes good sense to create a new user account so that they have their own login details. Even if it will be only you who needs to use the PrestaShop control panel, there is still a good argument for creating two or more accounts. Here is why.
First we will consider a scenario, though a slightly exaggerated one:
Guns4u wants to offer articles about how to use its products. The management, probably correctly, believes that in-depth how-tos about all its products will boost sales and increase customer retention. The diverse nature of their products makes employing a single writer impossible. For example, an expert on small arms is rarely an expert on ground-to-air ordnance. And a user of laser targeting equipment probably doesn't know the first thing about ship-based artillery.
This is quite a problem. The management decides they need a way to allow a whole team of freelance writers to log in directly to the PrestaShop CMS. But bearing in mind the highly dubious backgrounds some of these writers will have, how can they be trusted in the PrestaShop control panel?
(Figure: Users of Guns4u.com)
Suppose you employ somebody to write articles for you. You don't really want them being able to play with product prices or payment modules. You would want to restrict them to the CMS area of the control panel. Similarly, your partner might be helping you wrap and pack your products. To avoid accidents you might like to restrict them to the Customers and Orders tab.
Now consider this scenario. Even you, after reading this article, can make a mistake. It is a really good idea to create at least one extra user account for you. I always make myself a wrapping and packing account. I use it all the time and it is reassuring to know that I can't accidentally click anything that can cause a problem.
This type of user security is common in large organisations. On a company intranet, employees will almost always be restricted to the areas of the company system that they need and nothing more.
Below is how to create a new user account; after that we will look at profiles and permissions to enforce the restrictions and permissions suitable to us.
Okay, let's create a new user.
Time for action – creating users
As you have come to expect, this is really easy.
- Click on the Employees tab and then click on the Add new link.
- Enter the Last name, First name, and E-mail address of your new employee or user.
- The status box enables you to allow or disallow access to the new employee. Unless you have a reason for creating an account and not letting them use it, select the check mark (Allow). If you have reason to want to stop your new employee or user accessing your control panel, simply come back here and click on the cross.
- In the Profile drop-down box, choose Administrator. This will give the new user full access. Next we will investigate when this is a good idea and when you might like to change it, for example if you want to add our freelance writer.
- Click the Save button to create the new user account.
What just happened?
The new user can now log into the control panel and perform any task.
Profiles
Profiles and the next topic, Permissions, are very closely linked to users. A profile is like a position. You can create a profile and assign responsibilities and restrictions. The administrator profile created by default can do everything in the control panel. As we discussed previously, this might not be the ideal situation for you.
What we will do now is create a new profile called "customer service". In the next section on permissions, we will assign the appropriate permissions to this new profile. Allowing all users with the customer service profile to access everything they need to do their job, but restricting their access to anything that is not part of their job, significantly reduces the possibility of accidents or, dare I say it, malicious actions by a disgruntled employee or someone who gains access to their account.
Time for action – creating profiles
With a couple of clicks, we will now create a profile:
- Click on the Employees tab, then Profiles sub-tab, and subsequently the Add new link.
- Type Customer Service or whatever your first profile will be called.
- Click on Save and read on about permissions.
What just happened?
Now we have created a user profile to which we can assign users.
But to make the profile meaningful and worthwhile, we will now assign appropriate permissions to it, which are explained in the next section.
In the Time for action that follows, we will assign the permissions that might be appropriate to an employee with customer service and packing responsibilities. First we will take a look at the options in general for permissions.
Permissions and their levels
There are four types of permissions—View, Add, Edit, and Delete. PrestaShop controls access by allowing you to assign these types of permission to any of the tabs and the sub-tabs.
You can restrict members of a profile from viewing any tab(s) you like. So you might not want the customer service profile to change anything on the Payment tab. No problem, you can totally remove that tab for users of a profile. In the Guns4u freelance writer scenario, you would want to create users who can only access the CMS tab. You would do this by removing, or as we will see in a bit, not adding any permissions except for the CMS tab.
So to stop a profile from adding and removing products, you need to remove the Add and Delete permissions from the Catalog tab. They could then edit product descriptions but not add or remove products themselves.
The depth of information we have just discussed is almost certainly adequate for any new shop, even if you are an existing business owner and you intend to hand over the running of your PrestaShop to your staff. The key with permissions, profiles, and users is planning. Take time to consider your company structure, which users should have access to what, and create a profile for each. Then read on to configure permissions for those profiles.
Now since we have looked at the different permissions, you will easily be able to decide which are most appropriate for the different profiles you want to make for your shop.
Time for action – configuring permissions to profiles
Of course, the permissions and levels that I suggest in the Time for action are just my views. You will know best what is most appropriate for your business. Let's get on with it then:
- Click on the Employees tab, then the Permissions tab, and select the Customer Service or whatever profile you are configuring from the drop-down box.
- Take time to examine the tabs and their options. Notice that if you click a checkbox, you instantly get a message from PrestaShop saying it is configuring your permissions.
- Try adding permissions from one of the tabs. For the freelance writer, I would just append the view functionality to the Tools tab and the View, Add and Edit functionality to the CMS tab. The reason we need to assign View to Tools is because otherwise the CMS tab will not be visible.
- Go back to a user's sub-tab in Employees, edit the user, and assign the profile you have just amended to the user. Now log in as that user and see the changes taking effect.
- Now log in again as the administrator and make the rest of the changes you decided upon. Here are my suggestions for a typical customer service profile, as can be clearly seen in the screenshot of the Permissions screen:
What just happened?
You have now created your first profile. It should be simple to create as many profiles as you like. Don't forget to assign your users to their appropriate profile as well.
Pop quiz – doing the thing
- Can you think of a good reason why you assign permissions to profiles and then profiles to users, instead of assigning permissions directly to users?
- Taking into account the different types of attack and other things that can go wrong, what do users, profiles, and permissions protect against?
- How can we protect users' logins from being sniffed out by people listening for information?
SSL—Secure Sockets Layer
SSL is a cool system or, in tech speak, a protocol for allowing encrypted communication over the Internet. The need for this is obvious when you think about the type of information that must be given and received in even the simplest transaction. A customer's personal details and credit card details are the most obvious of these types of information.
By encrypting (making incomprehensible to all but the intended recipient), you can take your customers' money and personal details without worrying that their private details are intercepted by a third party.
Regular (symmetric) encryption relies on both parties sharing the same secret key. A decrypting key, simply speaking, is the mathematical recipe for making the incomprehensible comprehensible again. SSL uses a method known as public key cryptography that allows a website, such as yours, to give an encryption key to your customer's web browser, which encrypts the confidential information before sending it. The SSL web server then has a private key known only to itself, which can descramble the information and retrieve your customers' confidential details.
Shared SSL, dedicated SSL, or no SSL
Shared SSL is usually free. Dedicated SSL, on the other hand, will certainly cost you a few pounds per month.
Almost any web server could be configured to be an SSL server. In most hosting environments, you would be offered a shared SSL server for free. This is where you have your communications rerouted through an SSL-enabled server. The problem is that the SSL server has a different address from the server your website is actually hosted on. PrestaShop is not designed to easily use a shared SSL server.
If, however, you must have SSL and absolutely do not want to get your wallet out to pay for a dedicated SSL certificate, then have a read of the article on the subject in the PrestaShop forums.
Be warned that it is a bit on the technical side and involves editing the PHP code that makes PrestaShop tick. Yuck!
Do not despair! If you want or need SSL without the technical hassles, then you will need to contact your web host and arrange to buy a dedicated SSL certificate for your website. You shouldn't need to do anything technical. Just pay, wait for it to be set up, and then follow the easy tutorial explained next. PrestaShop will then use https:// instead of http:// before any relevant page on your website and your customers will be protected.
So SSL sounds like a good idea. But it is not an absolute must. If you are using PayPal to take payments, then all your customers' financial details are dealt with on the PayPal website anyway. And they use their own SSL server as you would expect. Just consider that the name and address of your customers will be entered on your website. Is this a security problem? Will your customers object to their names and addresses being retrieved unencrypted? Only you can decide.
Another potential drawback of not using SSL is that your login to the control panel will be left unencrypted. Do you use wireless Internet? Perhaps in a busy location with lots of other wireless users, it is possible for somebody to obtain your username and password. Then they can do whatever they like with them.
The other consideration with SSL is that more and more customers look for the https:// when going through checkout. And most web browsers display a nice graphical padlock and maybe some other reassuring embellishments like green address bars. So even if in your opinion you don't need SSL, it might be worthwhile even if it is just for show.
So decide whether you want shared or dedicated SSL, or none at all. Read the next tutorial after setting up SSL with your web host if you are going to use it.
Setting up SSL in PrestaShop
This is so easy. Many shopping carts require editing of the PHP code in multiple files, even for dedicated SSL. Again, well done PrestaShop! Perhaps you can make shared SSL easy as well in a future revision.
Time for action – setting up SSL in PrestaShop
Let's do it.
- Click on the Preferences tab.
- For the fourth item in the list of options (Enable SSL), select Yes.
- Scroll to the bottom of the page and click on Save.
- Now go to your shop front, and click on Log in on your account or similar and notice the https:// at the front of the web address in your browser.
What just happened?
Your customers' vital details are now encrypted by SSL. If you are going to use PayPal as your payment provider, then the customers' financial details are kept secure by PayPal, even if you opted not to use SSL on your website.
Making a copy of your store
We have taken a number of steps to protect our PrestaShop, but what if it all goes wrong anyway? It is still possible, although much less likely, that you will get hacked. It is also possible that we might accidentally spoil our own PrestaShop. If you promise not to tell anyone else, I will give you an example of a self-inflicted disaster I had.
While working on this article, I was playing with the Permissions features. I deleted a few tabs and then with a single inadvertent click I deleted the Employees tab! The permissions page went blank and there was no way to restore all the tabs that I had deleted. I can't put in print what I said when I realised my mistake. But I had a copy and the page was up and running again in 10 minutes.
A lesson to be taken from this incident is to create a new profile and user for yourself. Call it Junior admin, and then if you do something dumb like I did, you can log in as the administrator and put it right.
So our objective for this section is to create an offline, untouchable, and easily usable backup. Then, no matter what happens, you will be able to get your business up and running in around 10 minutes. And, no matter how talented and resourceful a hacker might be, I guarantee that he or she won't be able to get remote access to a CD stored in your locked cupboard!
Introducing the backup process
Two main areas will be covered in these step-by-step tutorials. Coming up next, we will back up the PrestaShop database. The database is separate from the files in your web space on your web host. It holds information that is accessed by the code contained in the PrestaShop files.
The second part of the backup process is obtaining a full copy of the PrestaShop files. This is nice and simple, but we will still do it step by step to make 100 percent certain that we are never left with a problem that can't be fixed.
So how often should you make a backup? It all depends on the frequency of change to your store. Let's say you get ten purchasing customers a day. If you back up every week but suddenly get hacked just before you do a backup, you would lose the details of 70 customers and their orders. In most businesses, this would be quite a dire situation.
Now when you first open your PrestaShop, you might not get an order for some weeks. So does this mean an infrequent backup would be okay? Maybe yes. But when your PrestaShop is new, you are probably making more regular configuration changes. Some or all of those could be lost if you hadn't run a recent backup.
Only you can answer the question of how often to do a complete backup. What is sensible will depend upon the frequency of change to your PrestaShop files and database. I will show you how to take a backup that is fast and trouble free, so there isn't really any reason not to do it daily. Obviously though, it is up to you.
Backing up your database
PrestaShop has a handy database backup utility. This makes backing up your store a breeze. Here is how to do it.
Time for action – backing up your database
Log into your PrestaShop control panel and read on.
- Click on Tools and then on the DB Backup sub-tab.
- Now click on Create new back-up. Wow, that was quick! We are almost done.
- Now click on the link that says You can now download the backup file and save the file to your hard disk. The backups PrestaShop creates are stored on your web host alongside your PrestaShop files, so if those files are destroyed, the backups are destroyed with them unless you have downloaded them. Always download each backup file after creation.
- Click on Back to list and you will notice that PrestaShop keeps a nicely ordered list of the database backups you have made. Just be aware that PrestaShop doesn't keep a record of whether you have actually downloaded the backup file. So the previous step is really crucial.
What just happened?
You now have a backup of your PrestaShop database. It shouldn't have taken more than a minute. We will look at how to use your database backup soon.
Backing up your files
You probably already know how to do this, but as it is so crucial, we will go through it step by step.
Time for action – backing up your files
We are going to use FTP, so have your web host's FTP username and password handy and then read on.
- Open an FTP window on your web space containing the PrestaShop files.
- Open a second Explorer window in a folder where you want to keep your backup files. You can use a dedicated FTP application as mentioned before.
- Highlight all the files on the web server and drag them to the Backup folder. It might take some time for the download to finish, but obviously you don't need to be there to watch it.
- Sometimes the download fails. It is very difficult to ascertain exactly where to resume the download, and the safest policy when this happens is to start the whole download again. If the download fails on a regular basis, just get into the habit of copying the folders one at a time. This does demand much more of your attention, but you can easily be doing something else in between folders.
- To be absolutely sure your backup is safe, copy it to a CD or DVD.
What just happened?
You now have a complete usable backup. With the one caveat of your FTP download probably failing, there is only a very tiny demand on your time even if you do this daily.
Now let's look at how to use your backup in the event of disaster.
Using your copy
Using your backup is not too tricky, and because of the importance of the topic, we will go through it a step at a time.
Restoring the database
To do this, we will need to get a little bit more technical than when we took a backup of your database. We need to use a database tool provided by our web hosts. It is called PHPMyAdmin.
Many web hosts provide access to databases hosted with them through PHPMyAdmin, but in the unlikely event that yours doesn't, then contact them and ask for the equivalent. It should then be fairly simple to interpret the following instructions.
As every web host is different, I will mention potential shortcuts and some potential problems (with solutions) that are web host-dependent. What is fairly sure is that at some point you will need access to a web-based program provided by your web hosts, called PHPMyAdmin. Hence we will look at that first.
Time for action – how to restore the database
Log into your web host's control panel. Find PHPMyAdmin. In all of the hosts I use, it is accessed by viewing the list of databases and then clicking on Edit or Manage with PHPMyAdmin. Then a screen very similar to the next screenshot is shown by clicking on the Edit link relative to the PrestaShop database. All the functions that we carry out in this tutorial will be performed on that specific database.
When you have located PHPMyAdmin or your web host's equivalent, read on.
- Open a new browser window or tab. In your web host's control panel delete the database.
- Recreate the database using the same name, username, and password. A potential problem here is that some web hosts do not let you choose the name of a database. Don't panic, just create a new database and proceed with whatever name they give you. An extra step that I point out near the end of this tutorial should solve the problem.
- Extract the compressed database backup on your hard disk so that you are left with a file named something.sql.
- Go to your PHPMyAdmin and click on Databases, and you will see the screen change to display a row of tabs across the top. They look like the ones in the following screenshot:
- Click on the Import tab. Browse to your extracted database backup and select the file. You will also need to click on the Go button on the PHPMyAdmin page. A few seconds later your database is restored.
- If you created a database with the same username and password, you can skip the rest of this tutorial. If not, you have a bit more to do.
- In your backup files, you need to open a file from the config folder using Windows Notepad. The file is named settings.inc.php.
- There you will see a list of database configuration parameters. Simply paste your new database name and server address over the old ones. Save the file and read on.
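For the step above, here is an added example (not part of the original article or of PrestaShop itself) that rewrites the database constants in a copy of config/settings.inc.php rather than editing them by hand in Notepad. It assumes the PrestaShop 1.x layout where each parameter is a line of the form define('_DB_NAME_', 'value'); the sample file contents and values below are constructed for the example.

```python
import re

# Constructed sample of the database section of PrestaShop's
# config/settings.inc.php; the values are made up for this example.
SAMPLE_SETTINGS = """<?php
define('_DB_SERVER_', 'localhost');
define('_DB_NAME_', 'prestashop_old');
define('_DB_USER_', 'shop_user');
define('_DB_PASSWD_', 'old\\'pass');
define('_DB_PREFIX_', 'ps_');
define('_COOKIE_KEY_', 'example-cookie-key');
"""

# Matches define('_DB_XXX_', 'value'); and tolerates backslash escapes
# (\' and \\) inside the single-quoted PHP string.
_DEFINE_RE = re.compile(r"define\('(_DB_[A-Z_]+)',\s*'((?:[^'\\]|\\.)*)'\);")


def _php_unescape(value: str) -> str:
    """Turn the body of a PHP single-quoted string back into its real value."""
    return re.sub(r"\\(['\\])", r"\1", value)


def _php_escape(value: str) -> str:
    """Escape a value so it is safe inside a PHP single-quoted string."""
    return value.replace("\\", "\\\\").replace("'", "\\'")


def read_db_settings(text: str) -> dict:
    """Return every _DB_* constant found in the settings text."""
    return {m.group(1): _php_unescape(m.group(2)) for m in _DEFINE_RE.finditer(text)}


def missing_db_keys(text: str, keys) -> list:
    """List the requested constants that the settings text does not define."""
    present = read_db_settings(text)
    return [k for k in keys if k not in present]


def update_db_settings(text: str, new_values: dict) -> str:
    """Rewrite the given _DB_* constants and leave every other line as it was.

    A constant that is not present raises KeyError instead of being silently
    skipped, so a typo in a key name cannot leave the old database details in
    place without you noticing.
    """
    missing = missing_db_keys(text, new_values)
    if missing:
        raise KeyError(f"constants not found in settings file: {missing}")

    def replace(match):
        key = match.group(1)
        if key not in new_values:
            return match.group(0)
        return f"define('{key}', '{_php_escape(new_values[key])}');"

    return _DEFINE_RE.sub(replace, text)


def rewrite_settings_file(path: str, new_values: dict) -> str:
    """Apply update_db_settings to a file on disk and return the new text."""
    with open(path, encoding="utf-8") as handle:
        text = handle.read()
    updated = update_db_settings(text, new_values)
    with open(path, "w", encoding="utf-8") as handle:
        handle.write(updated)
    return updated


if __name__ == "__main__":
    # Point the restored shop at the database the host created for us
    # (hypothetical name and server address).
    print(update_db_settings(
        SAMPLE_SETTINGS, {"_DB_NAME_": "shop_new", "_DB_SERVER_": "db.example.invalid"}
    ))
```

Run rewrite_settings_file on the copy of settings.inc.php in your backup folder before uploading it, and keep the untouched original in case you need to compare.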
What just happened?
You now have a perfectly restored database.
Restoring the files
This is much simpler and quicker than restoring the database. Very simply we need to replace all the files on the web server with the files from our backup.
Time for action – how to restore your files
- Open an FTP connection to your web server.
- Delete all the PrestaShop files on your web server.
- Upload all the backup files. Be sure to upload in the exact same structure as they existed previously. For example, if you stored the backup files in a folder, don't upload the folder they were stored in as well.
- As with backing up your files, if you get errors when dragging all the files and folders at once, retry doing the process a folder or two at a time. Don't forget the "loose" files that reside in the main directory and not in any of the PrestaShop folders.
- Visit your shop front and the PrestaShop control panel to see if they are working.
- Breathe a sigh of relief.
What just happened?
You have just deployed a backup of your store.
Assessing what went wrong
The first thing to do is check if you have the latest version of PrestaShop. Upgrading is covered in a minute. Other than that, the causes of a hack attack can be difficult to assess. Take a look at the upcoming Have a go hero to learn and think about some extra precautions to prevent a recurrence.
Have a go hero – securing your newly restored shop
So what if the security problem arose because the hacker had your database username, address, or your admin password? How can you stop exactly the same thing happening tomorrow?
- Create a new database with a different name, username, and password through your web host's control panel.
- Import the backup file to the new database just as you did for the original. Then in your PrestaShop control panel click on the Preferences tab and then the Databases sub-tab.
- Now enter the details of your new database. Be sure to enter them exactly as you created them. Click on Save. The hacker would now have to discover your database details all over again.
- Now click on the Employees tab and then the Edit icon and type a new password. Click on Save.
- If the hacker used your password, he now needs to start again.
Upgrading PrestaShop
From time to time PrestaShop will add new features and enhancements. Of course, it is great to be able to add these improvements to your shop. The main reason to keep up-to-date at all times is that the updates include security fixes, that is, changes to PrestaShop that make it less likely and harder for a malicious person to mess up your hard work or compromise your customers' security.
Time for action – how to upgrade PrestaShop
Keeping PrestaShop up-to-date will keep us secure against all the known threats. So let's do it.
- Make sure you have a full backup of your store, files, and database in case this goes horribly wrong. And it can.
- Log into your PrestaShop control panel. If there is an update available, it will be shown near the top of your admin login page. If not, you could revisit this tutorial when there is.
- Click on the Download link and save the upgrade. Yours will probably have a different version number to the one in the screenshot.
- Extract the download and you will be left with a prestashop folder full of subfolders and files.
- Rename your main prestashop folder and leave it on your website. Call it prestashop_old. We do this so that in a few steps' time we can easily copy some files back to the new folder. You can perform this step in your web host's control panel or by opening an FTP window, right-clicking, selecting Rename, and renaming it to prestashop_old.
- Now recreate an empty folder with the same name as your original prestashop folder (the one you just renamed).
- Upload all the files and folders within the upgrade folder to your folder where PrestaShop was originally. You now have the latest versions of the PrestaShop files on your server. But what about all your configurations?
- Copy the /img directory from your old folder to the folder with the upgraded files.
- Copy the /modules directory from your old folder to the folder with the upgraded files.
- If you have installed any new themes, copy the /themes/newtheme directory from your old folder to the folder with the upgraded files.
- Compare the contents of the old and new .htaccess files in the main directory. Add any parts of the old file that are not present in the new file to the new file. Don't simply copy the old file across, because the upgrade might include some amendments and copying the old file over it would remove those changes.
- Copy your sitemap.xml file from the old files to the new.
- Copy the file config/settings.inc.php from the old folder to the new.
- Run the installer and do things just as before but select update on the first page. PrestaShop knows you are updating by the presence of the settings.inc.php file. When you're ready, type www.yourshop.com/install.
- On the next page of the updater, you will see a warning. If you followed this guide, you have already done what it asks. Click on the I certify button followed by the Next button.
- When you're done, just as before, delete the install folder and rename the admin folder.
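For the .htaccess comparison step in the procedure above, here is an added example (not from the original article or from PrestaShop) that carries over directives from the old .htaccess that the upgraded file lacks, while leaving the upgrade's own file intact. It treats rewrite directives specially, because their order relative to the upgrade's rules matters; the two sample files are constructed for the example and are not PrestaShop's real rewrite rules.

```python
# Constructed samples standing in for the .htaccess that was live before the
# upgrade and the one shipped with the new PrestaShop files.
OLD_HTACCESS = """# .htaccess as it was on the server before the upgrade
RewriteEngine on
RewriteRule ^old-(.*)$ /index.php?q=$1 [L]
ErrorDocument 404 /404.php
Redirect 301 /old-page.html /new-page.html
"""

NEW_HTACCESS = """# .htaccess shipped with the upgrade
RewriteEngine on
RewriteRule ^new-(.*)$ /index.php?q=$1 [L]
"""

# Directives whose position relative to the upgrade's own rules matters, so
# they are reported for manual placement instead of being appended blindly.
ORDER_SENSITIVE = {"rewritecond", "rewriterule", "rewritebase"}


def _is_directive(line: str) -> bool:
    """True for a non-empty line that is not a comment."""
    stripped = line.strip()
    return bool(stripped) and not stripped.startswith("#")


def _normalise(line: str) -> str:
    """Collapse whitespace so 'Redirect 301  /a /b' equals 'Redirect 301 /a /b'."""
    return " ".join(line.split())


def _directive_name(line: str) -> str:
    """Apache directive names are case-insensitive."""
    return line.split()[0].lower()


def merge_htaccess(old_text: str, new_text: str):
    """Return (merged_text, appended_lines, lines_needing_review).

    Old directives that already exist in the new file are dropped, plain
    directives missing from the new file are appended under a marker comment,
    and rewrite directives are returned for review because appending them
    could shadow or conflict with the upgrade's rules.
    """
    already_present = {_normalise(l) for l in new_text.splitlines() if _is_directive(l)}
    appended, review = [], []
    for line in old_text.splitlines():
        if not _is_directive(line) or _normalise(line) in already_present:
            continue
        if _directive_name(line) in ORDER_SENSITIVE:
            review.append(line.strip())
        else:
            appended.append(line.strip())
    merged = new_text if new_text.endswith("\n") else new_text + "\n"
    if appended:
        merged += "\n# Carried over from the previous .htaccess\n"
        merged += "\n".join(appended) + "\n"
    return merged, appended, review


if __name__ == "__main__":
    merged, appended, review = merge_htaccess(OLD_HTACCESS, NEW_HTACCESS)
    print(merged)
    for line in review:
        print("place by hand and check against the upgrade's rules:", line)
```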
What just happened?
You now have the latest version of PrestaShop up and running.
Okay, I admit it. That wasn't pretty. Upgrading PrestaShop is a little bit of a chore. It is one of the few areas where other shopping carts do a little better. But it's not so bad either. Half an hour's work every couple of months to get the latest features and security fixes shouldn't really be a huge problem.
Have a look at this quick challenge to do with upgrading PrestaShop.
Have a go hero – keeping your store live while upgrading
While all the various processes are going on, during an upgrade, your shop is offline. When brand new, this is probably not a problem. But what about in a year or two when you are serving hundreds of customers at a time? Being offline is obviously unacceptable!
How would you perform the upgrade without affecting your store's availability? (A clue is that it involves temporarily having two sets of working files using the same database.)
The answer is, simply perform the upgrade in a new folder, perhaps call it prestashop_new. Now you can copy across your settings as before but this time from a live folder. When you run the installer, don't forget to type www.yourshop.com/prestashop_new/install. When you have finished, rename the original folder to prestashop_old and rename prestashop_new to the name of your original PrestaShop folder, pointed to by your domain name.
This article in a nutshell
There is a lot you can do to protect your PrestaShop. But there is always a way that a determined attacker can find a flaw in your security. Do everything you can; in fact, I suggest you seek further reading on general web security. A good starting point is an excellent article I found via the PrestaShop forums. Here it is:
But remember you are never totally secure. Always have a very recent backup ready to use.
We learned a lot in this article about malicious attacks, user-caused problems, how to avoid them, and how to recover when all else fails.
Specifically, we covered the following topics:
- The most common types of malicious attacks and some problems that can be caused by legitimate users
- User security using groups and permissions
- SSL for our customers and our own privacy
- Keeping PrestaShop up-to-date and safe from known attacks by upgrading our PrestaShop to the latest version
- Creating and using a backup