Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Admin area unprotected :O


dfx

Recommended Posts

Hiyya,

After having spent a good deal of time troubleshooting several problems I had, I have managed to successfully install OSCommerce. One of the problems during install_7.php was that because it was a Windows shared server, the configure.php for the /catalog/includes and /catalog/admin/includes could not be written. Hence I had to manually edit the values (on my local hard drive and then upload the 2 configure.php).

The problem is that if I go to mydomain.com/catalog/admin/index.php , the admin area is readily accessible without any sort of protection :o . Is there any work around this, OTHER THAN to manually edit the configure.php file in the admin area every time I want to access the admin area? Cheers! Thanks very much.

Link to comment
Share on other sites

Hiyya,

        After having spent a good deal of time troubleshooting several problems I had, I have managed to successfully install OSCommerce. One of the problems during install_7.php was that because it was a Windows shared server, the configure.php for the /catalog/includes and /catalog/admin/includes could not be written. Hence I had to manually edit the values (on my local hard drive and then upload the 2 configure.php).

        The problem is that if I go to mydomain.com/catalog/admin/index.php , the admin area is readily accessible without any sort of protection :o . Is there any work around this, OTHER THAN to manually edit the configure.php file in the admin area every time I want to access the admin area? Cheers! Thanks very much.

 

I'm on a linux server, and after uploaded the admin directory to httpsdocs I too noticed that the login prompt for the Admin section has been disabled. It USED to work.

 

I just started a thread on this as well. I hope we get easy answers. :-P

Link to comment
Share on other sites

Go to your web hosting control panel and look for a Password Protect or Directory Protection feature, and use that to protect the admin folder. You can't use .htaccess files on Windows servers.

 

To give you some measure of protection you should rename the admin folder to something unique and then edit the two references to /admin/ to /newname/ in admin/includes/configure.php.

 

Vger

Hiyya,

        After having spent a good deal of time troubleshooting several problems I had, I have managed to successfully install OSCommerce. One of the problems during install_7.php was that because it was a Windows shared server, the configure.php for the /catalog/includes and /catalog/admin/includes could not be written. Hence I had to manually edit the values (on my local hard drive and then upload the 2 configure.php).

        The problem is that if I go to mydomain.com/catalog/admin/index.php , the admin area is readily accessible without any sort of protection :o . Is there any work around this, OTHER THAN to manually edit the configure.php file in the admin area every time I want to access the admin area? Cheers! Thanks very much.

Link to comment
Share on other sites

If you had read the thread you would have noticed they were on Windows servers, and .htaccess doesn't work on Windows. Even on Apache it's far simpler to get the Password protection feature in the web hosting control panel to write the .htaccess and .htpasswd files for you.

 

Vger

If that doesn't work use .htaccess .htpassword files.  I've just done this on mine and it's easy.  Let me know if you need help.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...