Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Password Protect the 'admin' folder


Guest

Recommended Posts

Because I don't have the Password Protect feature in my web hosting control panel.

 

So I don't know how to protect the admin folder... >_<

Link to comment
Share on other sites

A simple solution is to re-name the admin directory to something else

 

for example /myprivate_admin/

 

this way no one will know where your admin directory is ... if you make this change remember that you will need to edit the file /myprivate_admin/includes/configure.php

 

:thumbsup:

Link to comment
Share on other sites

Can you explain clearly for me, please

 

Thanks!

1 - go to google.com in a browser.

2 - type password protection using .htaccess in the search string

3 - press enter

4 - read through the resulting links to find the answer

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

I have my admin directory password protected and it works just fine, but I have installed the contributions for print_invoice_from_checkout_success and Prof_Invoice&PackingSlip_v0.2. Now whenever someone places an order and clicks on the invoice button at the end of the order to view the invoice you get the dialog box to ask you for the admin username and password. Is there a way to change this so the admin username and password dialog box does not come up?

Link to comment
Share on other sites

Hi.

 

I'm completely new at this and I changed my admin folder name, but what is it I should edit in the configure file?

 

And does that by any change have something to do with this error announcement:

Warning: I am able to write to the configuration file: /customers/angelface.dk/angelface.dk/httpd.www/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

 

 

 

A simple solution is to re-name the admin directory to something else

 

for example /myprivate_admin/

 

this way no one will know where your admin directory is ... if you make this change remember that you will need to edit the file /myprivate_admin/includes/configure.php

 

:thumbsup:

Link to comment
Share on other sites

I have my admin directory password protected and it works just fine, but I have installed the contributions for print_invoice_from_checkout_success and Prof_Invoice&PackingSlip_v0.2. Now whenever someone places an order and clicks on the invoice button at the end of the order to view the invoice you get the dialog box to ask you for the admin username and password. Is there a way to change this so the admin username and password dialog box does not come up?

 

 

Can anyone help me with this?

Link to comment
Share on other sites

  • 2 weeks later...
The best way for password protection is using .htaccess

 

It's easy and useful :thumbsup:

 

 

 

This is what I did, but I don't know if it worked or how to test it. I opened the .htacces file in the admin folder and read what was in it. It said to change the appache httpd.conf file and change from:

 

<Directory />

Options FollowSymLinks

AllowOverride None

</Directory>

 

 

to:

 

 

<Directory />

Options FollowSymLinks

AllowOverride All

</Directory>

 

 

How do you test it to make sure it works?

Link to comment
Share on other sites

OK, been reading some more. Apparently I need a .htaccess and .htpasswd file. I read this file, http://help.bnsi.net/htpasswd/htpasswd.php and downloaded the htpasswd file creator from ftp://ftp.bnsi.net/pub/apache/ .

 

The problem is that although I now get a prompt asking for the user name and password, it won't take my u-p which I made. Am I not using the .htaccess file variables correctly to find the pwd file? This is what I have in my htaccess file:

 

 

AuthName "Secured site area"

AuthType Basic

AuthUserFile /htpasswd/.htpasswd

require valid-user admin

 

where the user file is in that folder beneath the access file.

 

thanks for any and all help.

Link to comment
Share on other sites

OK, I figured it out, I couldn't let the folder with the htpasswd file reside in the www layout. I had to move it to the root of the apache files. I am sure there is more I am missing, but at least I finally got it working. LOL

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...