Skip to main content
Sign in
Español Français Italiano

Good practices for securing your store

  • Updated

The security of your store is crucial, whether for you or for your customers. Hacking can take many forms: hijacking your payment methods to recover funds or bank details, recovering customer data, recovering your back-office password, among others.

There are several ways to strengthen the security of your store, in different areas:

 

Identifiers

  • Keep all the identifiers that you will generate when creating your store (FTP, back-office, hosting...) and only share them with trusted people.
  • Use a login and password manager.
  • Create profiles tailored to each type of intervention on your store, and different accounts for each person involved in the store (employee, designer, support...).

 

Accommodation

  • Secure your servers by using appropriate firewalls.
  • Make sure your hosting service regularly backs up your store, and/or make your own backups.
  • You can also take hosting with infogérance, that is to say with a server management service. Although often more expensive, this solution makes it easier for you to set up and maintain server security.

 

Orders and payment

  • Check if possible daily that your control tunnel looks normal visually and that access to payments corresponds to a normal state.
  • Check transactions daily, to ensure that they are properly recorded in both the back office of your PrestaShop store and the back office of your bank.

 

Modules

  • Be careful with the modules you install on your store. A module retrieved from a forum, for example, may contain a security vulnerability, or even be designed to create an entry point to your back office. It is best to use the PrestaShop Marketplace to find your modules.
  • Keep your modules up to date. Some updates are made precisely to correct security vulnerabilities.

 

Finally, stay curious and attentive! If behavior on your site changes overnight, you need to investigate. For example, has a module been installed recently? Has an external party worked on the store?

If you do not find solutions after collecting this type of information, do not hesitate to contact your web agency or PrestaShop support.

 

Related articles

Comments

0 comments

Please sign in to leave a comment.