The key improvements we ship to keep your store protected.
Last updated: 3 June 2026
No more abrupt “Access denied” page. After repeated attempts, the customer sees the store's usual login form with a clear message: too many attempts, remaining wait time and a direct link to reset their password. The threshold has been relaxed so a customer who simply mistypes their password isn't penalised, while automated attacks are still blocked instantly.
View the content of a flagged file, or its comparison with the official PrestaShop version, straight from your PrestaSecure dashboard — no SSH or FTP needed. Read-only access, strictly limited to your store and to safe file types.
The scanner now inspects the configuration and the editorial content displayed on your store, not just the files. This closes a blind spot exploited by some attackers to inject a card-skimming script outside the site's files — a vector seen in a real customer incident.
Catalogues of several million files, multistore: the scan now analyses the entire estate, with no truncation or memory overflow, chaining several automatic passes if needed. No part of the site is left out.
Recurring scans now only analyse the files actually modified since the last run, instead of re-scanning everything. The time saving is considerable on large stores, with no loss of coverage: a single changed byte is still detected.
The report builds before your eyes: threats appear as the scan progresses, with their severity and grouping, instead of waiting until the very end.
The module scans your store's PHP error log for known attack signatures (template injection, attempts to read sensitive configuration files, remote file inclusion, etc.). Attackers often leave months of failed attempts before succeeding: you're alerted from the very first signals.
No folder is skipped during the scan anymore (dependencies, themes, back office, upload folders, etc.). Malicious code can hide anywhere — including in a dependency or a webshell dropped into the admin. The analysis now covers the whole site.
Fix things in a few clicks: applying validated security patches, cleaning infected files, removing phantom modules (present on disk but unknown to PrestaShop) and updating vulnerable modules — all with automatic backup and rollback.
A badge shows, for every detected vulnerability, whether it's already neutralised by the PrestaSecure application firewall. You can tell at a glance what's protected from what needs action.
Apply patches for known vulnerabilities in the PrestaShop core and modules straight from your dashboard, with a prior backup, automatic verification after applying and the option to undo at any time.
First release: protection dashboard with a score, antivirus (file and fingerprint scanning), application firewall (SQL injection, XSS, brute force, path traversal), remediation tools, exportable security report and automatic module updates.
