Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Admin area unprotected :O


dfx

Recommended Posts

Posted

Hiyya,

After having spent a good deal of time troubleshooting several problems I had, I have managed to successfully install OSCommerce. One of the problems during install_7.php was that because it was a Windows shared server, the configure.php for the /catalog/includes and /catalog/admin/includes could not be written. Hence I had to manually edit the values (on my local hard drive and then upload the 2 configure.php).

The problem is that if I go to mydomain.com/catalog/admin/index.php , the admin area is readily accessible without any sort of protection :o . Is there any work around this, OTHER THAN to manually edit the configure.php file in the admin area every time I want to access the admin area? Cheers! Thanks very much.

Posted
Hiyya,

        After having spent a good deal of time troubleshooting several problems I had, I have managed to successfully install OSCommerce. One of the problems during install_7.php was that because it was a Windows shared server, the configure.php for the /catalog/includes and /catalog/admin/includes could not be written. Hence I had to manually edit the values (on my local hard drive and then upload the 2 configure.php).

        The problem is that if I go to mydomain.com/catalog/admin/index.php , the admin area is readily accessible without any sort of protection :o . Is there any work around this, OTHER THAN to manually edit the configure.php file in the admin area every time I want to access the admin area? Cheers! Thanks very much.

 

I'm on a linux server, and after uploaded the admin directory to httpsdocs I too noticed that the login prompt for the Admin section has been disabled. It USED to work.

 

I just started a thread on this as well. I hope we get easy answers. :-P

Posted

Go to your web hosting control panel and look for a Password Protect or Directory Protection feature, and use that to protect the admin folder. You can't use .htaccess files on Windows servers.

 

To give you some measure of protection you should rename the admin folder to something unique and then edit the two references to /admin/ to /newname/ in admin/includes/configure.php.

 

Vger

Hiyya,

        After having spent a good deal of time troubleshooting several problems I had, I have managed to successfully install OSCommerce. One of the problems during install_7.php was that because it was a Windows shared server, the configure.php for the /catalog/includes and /catalog/admin/includes could not be written. Hence I had to manually edit the values (on my local hard drive and then upload the 2 configure.php).

        The problem is that if I go to mydomain.com/catalog/admin/index.php , the admin area is readily accessible without any sort of protection :o . Is there any work around this, OTHER THAN to manually edit the configure.php file in the admin area every time I want to access the admin area? Cheers! Thanks very much.

Posted

That's great, I'll use the Webservers dir protection. Cheers.. thanks very much. :)

Posted
That's great, I'll use the Webservers dir protection. Cheers.. thanks very much. :)

 

If that doesn't work use .htaccess .htpassword files. I've just done this on mine and it's easy. Let me know if you need help.

Posted

If you had read the thread you would have noticed they were on Windows servers, and .htaccess doesn't work on Windows. Even on Apache it's far simpler to get the Password protection feature in the web hosting control panel to write the .htaccess and .htpasswd files for you.

 

Vger

If that doesn't work use .htaccess .htpassword files.  I've just done this on mine and it's easy.  Let me know if you need help.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...