Skip to main content
Sign in
Español Français Italiano

Best practices for securing your store

  • Updated

The security of your store is crucial, both for you and for your customers. Hacking can manifest in multiple ways: diversion of your payment methods to recover funds or banking details, retrieval of customer data, recovery of the password for your back office, among others.

There are several ways to enhance the security of your store across different areas:

 

Identifiers

  • Safeguard all identifiers that you will generate upon the creation of your store (FTP, back-office, hosting, etc.), and only share them with trusted individuals.
  • Utilize a password manager.
  • Create profiles tailored to each type of intervention on your store, and distinct accounts for each individual involved with the store (employee, designer, support, etc.).

 

Hosting

  • Secure your servers by using appropriate firewalls.
  • Ensure that your hosting service regularly backs up your store, and/or perform your own backups.
  • You may also opt for managed hosting, which includes a server management service. Often more expensive, this solution, however, facilitates the implementation and maintenance of server security.

 

Orders and Payment

  • If possible, check daily that your order tunnel appears visually normal and that access to payments corresponds to a normal state.
  • Consult daily the transactions to ensure that they are properly reflected in both the back office of your PrestaShop store and the back office of your bank.

 

Modules

  • Please pay attention to the modules you install on your store. A module obtained from any forum may, for instance, contain a security vulnerability, or even be designed to create a backdoor into your back office. It is advisable to use the PrestaShop Marketplace to find your modules.
  • Keep your modules up to date. Some updates are specifically designed to address security vulnerabilities.

 

Finally, remain curious and attentive! If a behavior on your site changes overnight, it is necessary to investigate. For example, has a module been installed recently? Has an external consultant worked on the shop?

 

If you do not find solutions after collecting this type of information, do not hesitate to reach out to your web agency or PrestaShop support.

 

Related articles