PrestaShop is an open source eCommerce solution. It comes with a variety of tools necessary for building a successful online shop. To create an online store with PrestaShop you need reliable web hosting services.
It comes with over 275 features being carefully developed in order to increase business owners’ sales with minimal efforts required. All the software features are absolutely free.
PrestaShop is free software as it’s specified in the GNU General Public License and officially started in August 2007 for small and medium-size businesses. The software, based on the Smartly template engine, nowadays is used by more than 100,000 shops all over the world.
PrestaShop version 1.7.8.7 is now available. This release fixes one important security issue, read this article for more information.
The maintainer team has been made aware that malicious actors are exploiting a combination of known and unknown security vulnerabilities to inject malicious code in PrestaShop websites, allowing them to execute arbitrary instructions, and potentially steal customer’s payment information.
While investigating this attack, we found a previously unknown vulnerability chain that has been fixed in this release. At the moment, however, we cannot be sure that it’s the only way for them to perform the attack.
We suggest upgrading your shop quickly in order to benefit from this fix. Please remember to back up before you upgrade.
Be aware that upgrading your software might not be enough to secure your store if it has been hacked already. Consider contacting a specialist to perform a full audit of your site and make sure that no malicious content has been planted.
Reminder: the latest version of the 1-Click Upgrade is v4.14.2 and has been just released, don’t forget to upgrade it.
About the security fix
This security fix strengthens the MySQL Smarty cache storage against code injection attacks.
Note: this legacy feature is maintained for backward compatibility reasons and will be removed from future PrestaShop versions. It is recommended not to enable it due to reduced performance.
We would like to take the opportunity to stress once more the importance of keeping your system updated to keep your shop safe from attacks. This means regularly updating both your PrestaShop software and its modules, as well as your server environment.
Acknowledgements
Contributors to PrestaShop version 1.7.8.7:
Dominik Shaim who first reached out to the security team and helped investigate the vulnerability
Maintainers Daniel Hlavacek and Krystian Podemski who helped investigate the vulnerability
Maintainer and security lead Thomas Baccelli who helped investigate the vulnerability and build the fix
QA analysts and engineers who tested this release and the upgrade process: Florine Hea, Sarah Cavrot, Khouloud Belguith, Hana Rebai, Marwa Chelly, Hibatallah Aouadni, Boubker Bribri and Aurelien Rita.
Top and Reliable PrestaShop v1.7.8.7 Hosting Provider
ASPHostPortal.com has always been a reputed web hosting company since its inception in 2008. As a leader in the industry, ASPHostPortal has a large customer base consisting of millions of customers from various locations of the world. The most impressive thing of this company, however, is that it keeps enjoying a high customer satisfaction rate which is more than 99%.
As a PrestaShop recommended web hosting package, ASPHostPortal Host One plan is an ideal option for PrestaShop users who look to set up a rich-featured e-commerce website. The plan includes some cutting-edge technologies and beneficial extras.
As a new comer, WindowsASPNETHosting.IN grows with one goal in mind – offering an easy-to-use and affordable web hosting product for customers’ online business. The company has always focused on guaranteeing the highest levels of technical support, customer satisfaction and quality of service in the web hosting industry.
WindowsASPNETHosting.IN provides an optimized web hosting service for the users of multiple popular e-commerce software including PrestaShop. Its web hosting plan, which starts from INR 200/mo, includes a 1-click installer for PrestaShop and 30 days full money back guarantee.
DiscountService.biz is a large Australia web hosting company with over ten thousands hosted domains. The web host is fully trusted because it has been dedicated to delivering great reliability and high performance to every website hosted in its closely monitored data centers.
DiscountService.biz has four web hosting plans named Beginner, Economy, Professional and Business which come with guaranteed server resources and competitive features. Their PrestaShop hosting package is starting from $7.00/month.