Top and Reliable PrestaShop v1.7.6.6 Hosting

What’s PrestaShop?

PrestaShop is an open source eCommerce solution. It comes with a variety of tools necessary for building a successful online shop. To create an online store with PrestaShop you need reliable web hosting services. It comes with over 275 features being carefully developed in order to increase business owners’ sales with minimal efforts required. All the software features are absolutely free.

PrestaShop is free software as it’s specified in the GNU General Public License and officially started in August 2007 for small and medium-size businesses. The software, based on the Smartly template engine, nowadays is used by more than 100,000 shops all over the world.

New Features in PrestaShop 1.7.6.6

The ongoing work on security for PrestaShop software continues. We have identified and fixed new minor security issues and since we don’t expect PrestaShop 1.7.7.0 final to be released before a few weeks, it has been decided to deliver a new maintenance release for 1.7.6.X branch.

Similarly to 1.7.6.5, this maintenance release fixes not only regressions found on versions 1.7.6.0 to 1.7.6.5, but also a few security issues from 1.5, 1.6 and 1.7 versions. This is again a result of the huge work on security going on in 2020 to make PrestaShop software safer. PrestaShop will continue focusing more and more on security to ensure that no security breaches, even minor ones such as permission issues, are left out in the core.

As this patch fixes several security issues, we highly recommend to upgrade your shop as soon as possible. Of course, as always, don’t forget to backup before.

Reminder: the 1-Click Upgrade module’s latest version is v4.10.1, don’t forget to upgrade it.

Main fixes

Below are listed the 6 regressions that were found and fixed in this version:

Front-office regression:

• A BC break was mistakenly introduced in 1.7.6.5 on some selectors in the front-office #18509

Back-office regressions:

• It was not possible to use Stocks page without the rights for Translation page #19713
• Bad button color in Modules pages modal window #9699
• No success message in Customer page after editing a voucher #18842

Other regressions:

• It was not possible to update currencies using the Webservice #18865
• There was an error at the end of the upgrade if it was run manually #18723

Security fixes

7 security fixes have been included in this patch version:

• External control of configuration setting in the dashboard (security advisory)
• Improper access controls in Carrier page, Module Manager and Module Positions (security advisory)
• Improper authentication (security advisory)
• Reflected XSS in product page (security advisory)
• Stored XSS in AdminQuickAccesses (security advisory)
• Information disclosure in release archive (security advisory)
• Information exposure in upload directory (security advisory)

More information about why it is important to update:

• External Control of System or Configuration Setting
• Improper Access Control
• Improper Authentication – Generic (CWE-287)
• Cross-site Scripting (XSS)
• Open Redirect (CWE-601)
• Information Exposure Through Directory Listing (CWE-548)
• Information Disclosure (CWE-200)

Notable change

In order to correctly handle user session expiration, two new SQL tables have been added to PrestaShop MySQL schema: ps_customer_session and ps_employee_session. These SQL tables are used for security purposes.

Breaking or risky changes

Dashboard modules can no longer use AdminDashboardController::ajaxProcessSaveDashConfig() to save values. This is not possible anymore in PrestaShop 1.7.6.6 in order to enforce the shop’s security.

A bug fix included in 1.7.6.5 required changing a CSS selector in the Front Office’s product page and rendering it more specific. However, this new selector did not work with some third party themes which were based on Classic. In 1.7.6.6, a new generic selector has been added: .product-container. If you are a theme developer, make sure to add this class to the appropriate container on your product page in order to allow your product page to be refreshed on changes.

Top and Reliable PrestaShop v1.7.6.6 Hosting Provider

ASPHostPortal.com

ASPHostPortal.com has always been a reputed web hosting company since its inception in 2008. As a leader in the industry, ASPHostPortal has a large customer base consisting of millions of customers from various locations of the world. The most impressive thing of this company, however, is that it keeps enjoying a high customer satisfaction rate which is more than 99%. As a PrestaShop recommended web hosting package, ASPHostPortal Host One plan is an ideal option for PrestaShop users who look to set up a rich-featured e-commerce website. The plan includes some cutting-edge technologies and beneficial extras.

WindowsASPNETHosting.IN

As a new comer, WindowsASPNETHosting.IN grows with one goal in mind – offering an easy-to-use and affordable web hosting product for customers’ online business. The company has always focused on guaranteeing the highest levels of technical support, customer satisfaction and quality of service in the web hosting industry. WindowsASPNETHosting.IN provides an optimized web hosting service for the users of multiple popular e-commerce software including PrestaShop. Its web hosting plan, which starts from INR 200/mo, includes a 1-click installer for PrestaShop and 30 days full money back guarantee.

DiscountService.biz

DiscountService.biz is a large Australia web hosting company with over ten thousands hosted domains. The web host is fully trusted because it has been dedicated to delivering great reliability and high performance to every website hosted in its closely monitored data centers. DiscountService.biz has four web hosting plans named Beginner, Economy, Professional and Business which come with guaranteed server resources and competitive features. Their PrestaShop hosting package is starting from $7.00/month.