Mass fake account creation attack in progress

If you have not run into it yet: since the end of last week, PrestaShop installations have been hit by an "attack" that creates fictitious customer accounts, polluting the customer database.

Don't ask me why anyone bothers with this kind of pointless attack; apart from the nuisance it carries little risk. It appears to be a script that scans for PrestaShop installations around the world and registers customer accounts on each one it finds.

The Solution

As is often the case when PrestaShop hits a problem that needs an urgent fix, the community responded, in particular Eolia and Doekia.

Implementation

Two techniques are available to apply this fix if your store is affected by the attack.

In the code

Edit the file /classes/Validate.php and add this method (keep in mind that direct edits to core files are lost when you upgrade PrestaShop):

```php
public static function isCustomerName($name)
{
    // Reject anything that looks like a URL fragment: the spam accounts carry
    // "www" / "http" in the name fields. The /i flag makes this case-insensitive.
    if (preg_match(Tools::cleanNonUnicodeSupport('/www|http/ui'), $name)) {
        return false;
    }
    // Otherwise apply the same character whitelist as isName()
    return preg_match(Tools::cleanNonUnicodeSupport('/^[^0-9!\[\]<>,;?=+()@#"°{}_$%:\/\\\*\^]*$/u'), $name);
}
```

Then in the file /classes/Customer.php, in the $definition array, replace

```php
'lastname' => array('type' => self::TYPE_STRING, 'validate' => 'isName', 'required' => true, 'size' => 32),
'firstname' => array('type' => self::TYPE_STRING, 'validate' => 'isName', 'required' => true, 'size' => 32),
```

with

```php
'lastname' => array('type' => self::TYPE_STRING, 'validate' => 'isCustomerName', 'required' => true, 'size' => 32),
'firstname' => array('type' => self::TYPE_STRING, 'validate' => 'isCustomerName', 'required' => true, 'size' => 32),
```

By Override

An override is a class that extends the original core class and changes only the behaviour you need. Because the core files stay untouched, you do not have to reapply your fixes every time you update PrestaShop, and anyone looking at the installation later can see your modifications at a glance in the override directory.

Eolia provides the two files, Validate.php and Customer.php, to drop into the override/classes directory of your PrestaShop installation.
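For readers who want to see what such an override looks like, here is an added example written for this article; it is not Eolia's code, and it assumes the standard override layout (override/classes/Validate.php and override/classes/Customer.php, each holding one of the two classes below). The Validate override carries the same isCustomerName() method as the in-code fix; the Customer override re-points the two name fields at it by editing the static $definition before the parent constructor runs.

```php
<?php
// --- override/classes/Validate.php ---
// Adds isCustomerName() without touching /classes/Validate.php.
class Validate extends ValidateCore
{
    public static function isCustomerName($name)
    {
        // Reject anything that looks like a URL fragment: the spam accounts
        // carry "www" / "http" in the name fields (case-insensitive).
        if (preg_match(Tools::cleanNonUnicodeSupport('/www|http/ui'), $name)) {
            return false;
        }
        // Otherwise apply the same character whitelist as ValidateCore::isName()
        return preg_match(
            Tools::cleanNonUnicodeSupport('/^[^0-9!\[\]<>,;?=+()@#"°{}_$%:\/\\\*\^]*$/u'),
            $name
        );
    }
}

// --- override/classes/Customer.php ---
// Switches the firstname/lastname validators to isCustomerName. Altering
// self::$definition before parent::__construct() is the usual way to change
// an ObjectModel field definition from an override.
class Customer extends CustomerCore
{
    public function __construct($id = null)
    {
        self::$definition['fields']['firstname']['validate'] = 'isCustomerName';
        self::$definition['fields']['lastname']['validate']  = 'isCustomerName';
        parent::__construct($id);
    }
}
```

Save each class in its own file under override/classes/, then clear the class index as described in the conclusion so PrestaShop picks the overrides up. Note that this filter only rejects the payload seen in the attack (URL fragments in the name fields); a bot that submits plain-looking names will still get through, so treat it as a stopgap rather than a complete defence against automated registrations.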

Conclusion

Whichever solution you choose, if you see no change in your store's behaviour afterwards, delete the file /cache/class_index.php so that PrestaShop rebuilds its class index and picks up the new code.

If you cannot apply this solution yourself, or would rather not touch your PrestaShop store, I can take care of it: order 1 ticket and prepare FTP access to your site, which I will ask you for after the order.

Order the set-up

Update 05/03/2019:

PrestaShop has integrated this patch into version 1.6.1.24, available for download today, and into version 1.7.5.2, which is also available.
