SecurityFlagship

Security Suite - Malware Scanner & File Monitor

Protect your store from malware, backdoors, payment skimmers, and unauthorized file changes. Advanced malware scanning with 100+ patterns, file integrity monitoring with line-by-line diffs, quarantine management, cron automation, and email alerts.

Malware scanning
File monitor
Quarantine
Email alerts

Price

209.99€

Compatibility: PrestaShop 1.7, 8, 9

Buy on PrestaShop Addons Try Live Demo Contact Us

Part of

Security Suite

Media

Features

Malware scanner with 100+ patterns

Detect backdoors, web shells, payment skimmers, code injection, remote code execution, credential stealers, crypto miners, and heavy obfuscation.

File integrity monitoring

Create file snapshots and compare to detect modified, new, and deleted files. View line-by-line diffs for any changed file directly in the back office.

Disguised file detection

Verify image file headers (PNG, JPG, GIF, WebP, ICO) to catch malicious code hidden inside fake media files — a common skimmer technique.

17 automated security checks

Evaluate debug mode, SSL, PHP version, file permissions, admin folder, security headers, backup files, and more with a 0-100 security score.

Quarantine management

Isolate infected files in a protected directory. Restore, edit before restoring, whitelist false positives, or permanently delete threats.

Content-based whitelist

Suppress false positives by whitelisting specific code patterns. Applied globally across all files and future scans automatically.

Automated cron scans

Schedule malware scans and snapshot comparisons via cron with self-chaining technology for reliable processing on shared hosting.

Email alert notifications

Receive detailed alerts when threats are detected or file changes are found, with support for multiple recipient email addresses.

Bulk threat actions

Quarantine, whitelist, resolve, or delete multiple threats at once. Recheck individual threats to verify cleanup. Export reports for documentation.

Recently modified files browser

View recently changed files across your store with time range and extension filters for quick investigation of suspicious activity.

Live Demo

Back Office Demo

Admin panel preview

Open Back Office

Front Office Demo

Customer-facing storefront

Open Front Office

Frequently Asked Questions

Changelog

v1.2.1

• Fixed compatibility with early PHP 7 versions — because some servers age like fine wine, and we respect our elders.

v1.2.0

• Added Admin Protection: lock down your admin folder with HTTP Basic Auth, IP whitelisting, or both — because "admin123" as a folder name was never really a security strategy.
• "Scan File Extensions" flipped to "Excluded File Extensions" — instead of listing what to scan, you now list what to skip, so you can't accidentally forget to scan the one file type that matters.
• You can now delete files flagged as "new" straight from the snapshot comparison. Found a file that shouldn't exist? One click and it's gone — no FTP client required.
• Modified files can now be restored to their original snapshot content. Basically an undo button for your filesystem. You're welcome.
• Binary files (images, PDFs, fonts, archives) no longer crash the file viewer with a cryptic JSON parsing error. Turns out, shoving raw JPEG bytes into a JSON response was never going to end well.
• Image files now get an actual inline preview in the diff modal. Modified images show a side-by-side before/after comparison, because seeing is believing.
• Large files no longer vanish from snapshots like they were never invited. Files exceeding the size limit now get their hash recorded instead of being silently ghosted.
• Fixed a batch resume bug where the file sitting at the exact moment the time or memory limit hit would be permanently skipped. It was like musical chairs, except the loser never got to play again.

v1.1.0

• Added comparison history: every snapshot comparison is now logged in a database table so you can track all past comparisons, not just the latest one.
• Cron now sends an email report after every scan and snapshot comparison, even when nothing suspicious is found. No news used to mean good news — now it means your cron stopped running.

v1.0.2

• Taught the scanner to tell the difference between a malware payload and a perfectly innocent PNG hiding inside a data URI. No more crying wolf over embedded images.
• Stopped falsely accusing PHP closures of being shady dynamic function calls. $checkValueIsString($value) is a responsible citizen, not a backdoor.
• The md5(md5()) pattern now minds its own business unless superglobals are involved. Double-hashing your cookies? Totally fine. Double-hashing $_POST['password']? We need to talk.
• base64_encode($_SERVER['PHP_AUTH_USER']) is just HTTP Basic Auth doing its job — no longer treated like a credential heist in progress.
• Fixed the scanner getting stuck like it hit an invisible wall. Added byte-offset caching so index resumption is O(1) instead of O(reading-the-entire-novel-from-page-one-every-time).
• Added a 45-second fetch timeout to scan requests so the UI doesn't freeze into an eternal "Scanning..." meditation when the server goes quiet.
• Security check for admin accounts now names names. "1 account never logged in" is helpful; "1 never logged in: Ghost Employee (ghost@example.com)" is actionable.

v1.0.1

• Fixed snapshot comparison playing hide-and-seek with newly added files (spoiler: they were there all along, we just weren't looking from the start).