Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Protecting admin and setting permissions...


withoutwarning

Recommended Posts

Hi there...

 

I'm completely new to OSC...I have installed the files today and am doing the basic set up of files, etc. I have figured most of it out but I can't seem to figure out how to protect my admin panel with a password. If anybody can help it would be awesome...I'm pretty sure it'll be something straight forward but I can't see the wood for the trees right now :huh:

 

Also, I am getting a message at the top of the store as follows:

 

Warning: I am able to write to the configuration file: /home/jaypar2/public_html/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

 

I set the permissions as per the documentation via my ftp server but it hasn't done the trick. I'd be grateful if somebody could let me know what to do...

 

Thanks in advance and regards,

 

...J...

Link to comment
Share on other sites

If your site is on a Windows server then using FTP to change permissions won't work, and you'll have to do it via the File Manager in your web hosting control panel.

 

To protect your 'admin' folder the first thing to do is to FTP to it and rename it to something unique (not admin2 or newadmin). Then in admin/includes/configure.php you need to alter the two references to /admin/ to /newname/

 

After you've done that then go to your web hosting control panel and look for a feature called Password Protect or Directory Protection and password protect the newly renamed folder.

 

Vger

Link to comment
Share on other sites

If your site is on a Windows server then using FTP to change permissions won't work, and you'll have to do it via the File Manager in your web hosting control panel.

 

To protect your 'admin' folder the first thing to do is to FTP to it and rename it to something unique (not admin2 or newadmin).  Then in admin/includes/configure.php you need to alter the two references to /admin/ to /newname/

 

After you've done that then go to your web hosting control panel and look for a feature called Password Protect or Directory Protection and password protect the newly renamed folder.

 

Vger

 

 

Hey Vger...

 

Thanks for the info :) I appreciate the help...I've changed the permissions for the configure.php file via my hosting co but the message is still coming up. The docs say that the permissions need to be set to 777. Is that correct?

 

I'll make the changes to the admin pages as well, or password protect if I can...

 

Regards,

 

...J...

Link to comment
Share on other sites

no, the file permissions on the catalong/includes/configure.php is 644, the knowledge base has this. it is only 777 for some browsers DURING installation. you do not have to change the directory name, just make sure you use tough passwords for your site/email, etc.

an example:

Password: S#ejespe+*E

Phonetics: SIERRA - Hash - echo - juliet - echo - sierra - papa - echo - Plus - Asterisk - ECHO

Link to comment
Share on other sites

no, the file permissions on the catalong/includes/configure.php is 644, the knowledge base has this.  it is only 777 for some browsers DURING installation.  you do not have to change the directory name, just make sure you use tough passwords for your site/email, etc.

an example:

Password: S#ejespe+*E

Phonetics: SIERRA - Hash - echo - juliet - echo - sierra - papa - echo - Plus - Asterisk - ECHO

 

Hey John...

 

Thanks for the heads up. I appreciate the help with that. I'll make the changes...thanks for the tips on the password as well. I'll make sure everything is watertight...

 

Regards,

 

...J...

Link to comment
Share on other sites

Hmmm...bit of a strange one. I have set the permissions as 644, but the message was still showing. I tried to set the permission to 444 (as per the docs - teach me not to read the docs next time), but the permission keeps defaulting to 644 and the message still appears. I have tried taking the password protection off the admin file but that doesn't seem to work either...any suggestions?

 

Thanks in advance,

 

...J...

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...