    Protecting JTL-Shop from malware

    Your task/initial situation

    All websites, including online shops that are operated with JTL-Shop, can be the focus of attackers who distribute malware on servers. This harms either you as the shop operator or your customers. JTL is constantly optimising the security of JTL-Shop. However, you can also contribute to more security against malware through your own behaviour.

    Avoidance of malware

    In the following, we would like to give you some general tips on how to minimise the risk of your JTL-Shop being infected by malware. Please note that there can never be absolute protection. With the following measures, however, you can already reduce the risk significantly.

    • Limited number of users: The data for JTL-Shop is usually located on an FTP server to which you have access. Give access to the FTP server to as few users as necessary. Each additional user increases the risk that misconduct leads to an open vulnerability. If you need to grant individual users (for example, employees of the JTL Support team) access to the FTP server, set up a temporary user account that you can deactivate again after completing all the necessary work.
    • Secure, unique passwords: Every user who has access to the FTP server and the back end of JTL-Shop should have their own user name and a password that is as complicated as possible, has at least 8 characters and contains numbers and special characters in addition to letters. You should also not store the passwords on your system or, if you do, only in encrypted form.
    • Virus scanner: Protect all computers that have access to the admin back end of JTL-Shop as well as to the FTP server with virus software. Always keep the software up to date.
    • Do not open suspicious emails: Despite having an up-to-date virus scanner, never open the attachments of emails whose origin you do not know. Especially if the sender is unknown to you and the sender’s address seems strange, you should leave emails unopened if in doubt. Also, do not click on links if you do not know or cannot identify the sender. If you move the cursor over links, you can usually see which address is to be opened and possibly see whether the address is suspicious. Also pay attention to minor misspellings in URLs.
    • Regular updates: JTL regularly releases updates for JTL-Shop. You should always install them as soon as possible. If we become aware of any security vulnerabilities, we close them as part of these updates. To be able to install all updates, you may need a valid subscription. In addition, always keep the operating systems of the computers that access JTL-Shop or the FTP server up to date.

    What to do in case of malware infestation?

    If your JTL-Shop should ever be infected with malware, you must act quickly. The best thing to do at this moment is to contact a professional who knows how to combat malware. Also contact the web host who operates the server on which your JTL-Shop is running. The web host can usually help with the removal of malware. The following steps should therefore be understood as a guideline. You may need to take further measures to remove the malware completely.

    You will usually learn about malware in your JTL-Shop via a message in the web browser that appears when you call up the address of your online shop.

    1. From a computer that you know is secure (e.g. a previously unused device), change all passwords that provide access to the admin back end of JTL-Shop and the FTP server. This is the only way to prevent the malware from being directly reinstalled by the attacker. For the new passwords, choose combinations of letters, numbers, and special characters that are as difficult as possible and cannot be guessed.
    2. Do not access the FTP server again for now. First update the anti-virus software on all computers that had access to the FTP server. Then have all the computers scanned completely to find out if there is malware on any of them. Remove the malware and, if necessary, take countermeasures to prevent reinfection.
    3. Have the file structure checked (see Checking the file structure). Scan all modified files for malicious code. If you find files with malicious code, make a note of the modification time. Since verification only examines part of the files, you should then search for all files that were changed around the same time or afterwards. Your web host may be able to help you with this. Replace all changed files with the original JTL-Shop files. Alternatively, you can restore a backup of the JTL-Shop files from before the malware infestation.
    Please note: Malicious code in the JTL-Shop database is very rare and can only be found manually. In this case, the only thing that helps is to import a database backup.
    4. Once the malicious code has been cleaned, follow the message in the browser to have another scan performed so that the shop is removed from malware blacklists again.
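
The file search from step 3, as an added example that is not part of the original guide or of JTL's own tooling: it lists files modified around or after the noted modification time and, because modification times can be reset, also compares every file against a clean copy of the original JTL-Shop files. The directory arguments, the 24-hour window and the function names are assumptions.

```python
import hashlib
import os
from datetime import datetime, timedelta

def sha256_of(path):
    """Hash a file in chunks so large files do not exhaust memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def relative_files(root):
    """Yield every regular file below root as a path relative to root."""
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            if os.path.isfile(full):  # skips broken symlinks
                yield os.path.relpath(full, root)

def triage(shop_root, clean_root, infected_mtime, window_hours=24):
    """Map each suspicious file to the reasons it needs inspection."""
    # "Around the same time or afterwards": start a little before the
    # modification time noted on the first infected file (assumed window).
    cutoff = (infected_mtime - timedelta(hours=window_hours)).timestamp()
    findings = {}
    for rel in relative_files(shop_root):
        live = os.path.join(shop_root, rel)
        clean = os.path.join(clean_root, rel)
        reasons = []
        if os.stat(live).st_mtime >= cutoff:
            reasons.append("changed-since-cutoff")
        # The hash check still catches files whose timestamp was set back.
        if not os.path.isfile(clean):
            reasons.append("not-in-original")
        elif sha256_of(live) != sha256_of(clean):
            reasons.append("differs-from-original")
        if reasons:
            findings[rel] = reasons
    return findings

if __name__ == "__main__":
    import sys
    # Usage: script.py SHOP_DIR CLEAN_DIR "2024-05-10 12:00" (constructed date)
    shop, clean, when = sys.argv[1:4]
    hits = triage(shop, clean, datetime.fromisoformat(when))
    for rel, why in sorted(hits.items()):
        print(rel, ", ".join(why))
```

Files the shop legitimately adds or edits, such as configuration, uploads or plug-ins, also show up as not-in-original or differs-from-original and need manual review rather than automatic replacement.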