PrestaShop Antivirus:
scan and clean your store
Detect malware, malicious code and compromised files in one click. PrestaSecure analyzes every file in your installation and guides you toward a clean site.
What our antivirus detects
Our analysis engine is specialized in threats that target PrestaShop. This is not a generic antivirus: every rule is designed for the PrestaShop ecosystem.
Backdoors and webshells
Malicious PHP files hidden in your modules, themes or upload folders. These backdoors allow hackers to return even after a partial cleanup.
Injected and obfuscated code
Base64, eval(), gzinflate() and other obfuscation techniques used to hide malicious code in your PHP files, JavaScript or Smarty templates.
Credit card skimmers
Malicious scripts injected into checkout pages to steal your customers' credit card numbers. Detection in both PHP code and JavaScript files.
How the antivirus scan works
Full scan in one click
Launch a scan from the PrestaShop back-office or from your prestasecure.com dashboard. All your files are analyzed: core, modules, themes, uploads.
Multi-layer analysis
Each file is processed through multiple detection engines: known signatures, heuristic patterns, checksum comparison and behavioral code analysis.
Detailed report
Each detected threat is classified by severity (critical, high, medium, info). You see the affected file, the exact line and an explanation of the threat.
Guided remediation
For each infected file, PrestaSecure suggests an action: quarantine, restore to original or delete. No need to touch the code yourself.
Deep content analysis
Backdoors and webshells
Malicious PHP files hidden in your modules, themes or upload folders. These backdoors allow hackers to return even after a partial cleanup.
Injected and obfuscated code
Base64, eval(), gzinflate() and other obfuscation techniques used to hide malicious code in your PHP files, JavaScript or Smarty templates.
Credit card skimmers
Malicious scripts injected into checkout pages to steal your customers' credit card numbers. Detection in both PHP code and JavaScript files.
Modified core files
Comparison of every PrestaShop file against official checksums. Any modified, added or deleted file is flagged with a detailed diff.
Vulnerable modules
Identification of PrestaShop modules with known security vulnerabilities (CVE). Our database is synchronized with GitHub advisories and community alerts.
Malicious redirects
Detection of hidden redirects to phishing sites or spam pages. Analysis of .htaccess files, PHP code and JavaScript injections.
PrestaShop module code analysis
Our source code analysis engine tracks data flow from user inputs to dangerous functions. It detects real vulnerabilities, not false positives.
SQL Injection
Detection of user parameters (Tools::getValue, $_GET, $_POST) reaching SQL queries without pSQL() or integer casting protection.
Command execution
Identification of system(), exec(), eval() or passthru() calls with user-controlled data. Even partially sanitized data is tracked through the code.
XSS and HTML injection
Detection of echo and print statements outputting user data without proper escaping via htmlspecialchars() or htmlentities().
File inclusion & manipulation
Detection of include/require with user-controlled paths (LFI/RFI), file reads and writes with manipulable paths, and unsecured file deletions.
SSRF and XXE
Detection of server-side HTTP requests (curl, file_get_contents) with user-controlled URLs, and XML parsers vulnerable to external entity attacks.
Upload & deserialization
Detection of file uploads with manipulable destination paths, and unserialize() calls with untrusted data (including via the phar:// wrapper).
Antivirus FAQ
-
Does the antivirus slow down my site?
No. The scan runs in the background and does not impact your store's performance. Visitors notice no slowdown during the analysis.
-
How often should I run a scan?
We recommend a daily scan, which you can automate from the module. If you suspect an infection, you can run an on-demand scan at any time.
-
Does the scan detect vulnerabilities in third-party modules?
Yes. Our database includes known vulnerabilities (CVE) for the most popular PrestaShop modules. It is updated daily via GitHub advisories and community alerts.
-
What happens when a threat is detected?
You receive an email notification with the threat details. From the dashboard, you can quarantine the file, restore it to its original version or delete it. No action is taken automatically without your approval.
-
Does the antivirus work on shared hosting?
Yes. PrestaSecure is compatible with all hosting types: shared, VPS, dedicated, cloud. The module adapts to your server's constraints (memory limits, execution time).
An antivirus built for PrestaShop
PrestaShop stores are prime targets for cybercriminals. Malicious code injection in modules, credit card theft via skimmers, backdoors hidden in upload folders — attack vectors are numerous and often undetectable without a specialized tool.
The PrestaSecure antivirus was developed exclusively to address threats targeting the PrestaShop ecosystem. Unlike generic solutions, it understands the structure of a PrestaShop installation (core, modules, themes, overrides) and can distinguish a legitimate file from a compromised one.
With integrity verification based on official checksums, CVE detection for modules, and heuristic PHP code analysis, PrestaSecure provides comprehensive coverage to secure your online store.