Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Windows/IIS does exist!


antioch

Recommended Posts

ur documentation seems to be inflicted with the same bug that most open source software documentation suffers from - a nearly complete lack of recognition that Windows/IIS even exists despite its 20%+ webserver marketshare. having said that, i realize that windows and iis "sucks," but some of us are forced to use it for one reason or another.

 

got thru the install after a few hitches. re installation documentation: definetly need to fix the reference to the single config.php to reflect the need to change permissions on both files.

 

its the post-install instructions that im concerned with, so allow me to selectively quote them.

3. Set the permissions on catalog/images directory to 777

4. Set the permissions on admin/images/graphs directory to 777

is that read, write and modify permissions for the public user(INET_compname)?

777 for just THOSE folders? or for their contents also?

 

The store admin directory on your server needs to be password protected using .htaccess. Most of the time the server you are hosting your store on has the ability to password protect directories through the server administration area so check with your host.

no htaccess for iis, so should i simply disable anonymous access for this directory? if so, i assume any means of windows authentication would suffice?

Link to comment
Share on other sites

777 translated to Windows means read-write-execute for all, and this is why it only applies to the folder and not to the files in it.

 

755 (which should suffice) means:

read-write-execute

read-nothing-execute

read-nothing-execute

 

Regarding protecting 'admin' the first thing to do is to rename it to something unique - if a hacker can't find it they can't attack it. Then in admin/includes/configure.php change the two references to /admin/ to /newname/

 

Most windows hosts have their own way of password protecting folders, but from my own memory most of them charge for it as an additional service.

 

Vger

Link to comment
Share on other sites

777 translated to Windows means read-write-execute for all, and this is why it only applies to the folder and not to the files in it.

read, write and execute are all valid permissions for files. however, while 'read&execute' is a valid permission for folders, it actually translates to traverse folder security and not any sort of execution.

 

and what about the other folders under catalog/images? do they also get 777?

 

Most windows hosts have their own way of password protecting folders, but from my own memory most of them charge for it as an additional service.

life is good - no extra charges, for i own the box. i just enabled windows integrated authentication for the admin folder. :)

 

btw, ive enjoyed ur previous work with the register globals patch. nice work! :thumbsup:

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...