Prestashop Security Practices

By Dinh Nghia Tran In: Prestashop 1.6 Hits: 3949

prestashop 1.7

Security for online store is essential with data of customers as name, address, email, bank account and so on. Moreover, information of the manufactures and the price may be revealed. Therefore having a good security for your online store is vital issue. It helps your business safely and you also easily gain the trust of customers.

Today, we write which you need to have a safe online store with Prestashop Platform.

  • Update version

We understand that security issue is one of the main reasons for Prestashop launched new versions. That was reflected in the change log when there is a new version released. Almost update version is included the improvement of security system. Thus, if you want to improve security for your online store, you should upgrade to the newer version in the future.

  • SSL Certification

The encrypted data between clients to web server is important and quite popular. This is a security method is common and each store should have. We have to ensure that SSL certification is enabled.

  • Admin Password 

Usually, an account manager in the back office has a password. It is seemed simple bit I recommend that you should not set password based on names, DOB…because it can be found. If you use password too long and complicated, it would have to recover anytime if you forget. When you have online store, you create some users and password in different level as FTP – hosting, cpanel, and database. Please do not use the same password come up with a complicated password, you should use passcodes generators:

  • File .htaccess

This file is used for Apache web servers that controls access to the folder it is located in and all its subfolders.

With this file, you can create a few security measures:

-Control access in admin panel (whitelist the IPs that can have access to the store back end).

-User can lock the template files.

This file could be applied in different situations. However, we suggested not to mess with it unless you are experienced enough or have a developer to help you.

  • Backups your store

This backup is merely create a copy of your site at a specific time. The backup file is include your database and content. It will help you save time when your page face with any technical issues that need to be repaired or hacked or anything bed happens and you need to restore it.

  • Cookie & Modules

It helps your store save information about visitors, you also enable or disable files. You access into administration  Preferences, you can turn on option “Check the IP address on the cookie” This way the store can check whether IP of visitors matches its browser cookie IP. This helps to detect fraudsters and stop undesirable attempts to log into the admin area.

But you also need to warn visitors that you use cookies to store their info. There are modules which can help you with this type of notification. Moreover, there are some modules which can help you prevent people who want to gain unauthorized access.

  • Frontent Security

This is a PrestaShop default feature that can be enabled in Preferences > General. “Increase Front Office security” - set it to "yes". This way each customer’s session gets a unique URL, so that information that the customer has added is secured and cannot be used in another browser/computer.

Dinh Nghia Tran

More themes

And all future Templates are only available as long as you stay

Support Policy

What Are Included?

    This Package packed All Modules, Templates, Userguide, DataSameple. By using this package, you will get the site the same as the demo


    All our templates are delivered with source Adobe.PSD files.


    You can get All of Template, Modules, Plugins... which we use for the demo.


    This Package packed All Modules, Templates, Userguide, DataSameple. By using this package, you will get the site the same as the demo.


    If you have any problems, please contact us! We will reply as soon as possible we answer all emails within 24 hours.