Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

protecting admin


EllisD25

Recommended Posts

Searched the forum, but I'm not sure what I'm really looking for. When I go to

www.domainname.com/catalog/admin from any computer, I'm able to get the administration tool and make changes, without entering any password.

 

What can I do to protect this from the public? If I "password protect" the admin directory on my server, will that work, or will it make necessary files unavailable to users?

 

hope someone knows this - thanks for your help!

Link to comment
Share on other sites

Searched the forum, but I'm not sure what I'm really looking for.? When I go to

www.domainname.com/catalog/admin from any computer, I'm able to get the administration tool and make changes, without entering any password.

 

What can I do to protect this from the public? If I "password protect" the admin directory on my server, will that work, or will it make necessary files unavailable to users?

 

hope someone knows this - thanks for your help!

 

I'm new to oscommerce myself, but here is what I did.

 

I removed the admin folder completely from the store. If you do this, you will need to edit 2 files, both called configure.php located at

 

/catalog/includes and /admin/includes

 

Also, as you mentioned, I added entries to the default .htaccess files to make it password protected.

 

As far as I can tell, the admin directory could be completely removed from your domain name and placed into another domain name as long as the database stuff is correct inside the configure.php file.

Link to comment
Share on other sites

move the folder as stated above.

rename the folder (admin is a very easy folder to guess- if you just move it to say mydomain.com/admin - how easy would that be to type in?)

RENAME IT to something not easy to discover.

make sure you edit the (both) configure.php's to reflect this move/change

Then in your website admin control panel-- password protect that directory.

 

there are some contributions that also add further protection out there. search osCommerce contributions.

google for "password protecting directories" if you don't know how.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...