Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Admin Section does not ask for a password

Daleh

By Daleh
in General Support

Recommended Posts

Daleh

Daleh

Posted
Posted

Hi,

 

I've installed everything and got it working fairly well but it doesn't ask me for a username and password when I access the catalog/admin directory. Obviously I don't want anyone being able to access that and change the products and pricing that I've set up.

 

Any idea why this would happen? I was trying to find an answer through the forum and I see that I do have an .htaccess file but no .htpasswd file anywhere. Is that something that I have to install seperately?

 

Thanks

 

Dale

Vger

♥Vger

Posted
Posted

osCommerce MS2 does not come with this password protection as part of the install - you have to do it yourself.

 

The easiest way is to do the following:

 

1. FTP to your site and rename the 'admin' folder to something unique - because if it can't be found it can't be hacked.

2. Then in admin/includes/configure.php change the two references to /admin/ to /newname/

3. Then go to your Web Hosting control panel (not the osCommerce admin panel), and use the Password or Directory Protection feature to protect the newly renamed admin folder.

 

Vger

Leatherface

Leatherface

Posted
Posted
osCommerce MS2 does not come with this password protection as part of the install - you have to do it yourself.

 

The easiest way is to do the following:

 

1. FTP to your site and rename the 'admin' folder to something unique - because if it can't be found it can't be hacked.

2. Then in admin/includes/configure.php change the two references to /admin/ to /newname/

3. Then go to your Web Hosting control panel (not the osCommerce admin panel), and use the Password or Directory Protection feature to protect the newly renamed admin folder.

 

Vger

 

Vger,

not to hijack, but I am having the same problem...I downloaded the admin23 constribution but I cant seem to do anything with it..

 

Tried the suggestion you made above, but when I ftp to my site I dont seem to have an admin folder or am I misunderstanding??

 

thanks for the help

dave

TheMJ

TheMJ

Posted
Posted

@vger: the name of the folder doesn't really matter. a program could easily bruteforce the name of the admin dir (trys different ones untill it doesn't get a 404). it is much more important to choose a long hard to guess password.

 

@Leatherface: your admin dir is in your catalog dir

Leatherface

Leatherface

Posted
Posted
@vger: the name of the folder doesn't really matter. a program could easily bruteforce the name of the admin dir (trys different ones untill it doesn't get a 404). it is much more important to choose a long hard to guess password.

 

@Leatherface: your admin dir is in your catalog dir

 

Huh?? I dont get ya...When I type in the oscommerce thingy to work on it all I get is a blue screen with stuff on it...I dont see a place for the catalog...

Leatherface

Leatherface

Posted
Posted

ok I figured out what you guys were saying...It took me a bit to figure it out, but one of my buds sent me a tutorial on Oscommerce...Now here is the problem...Using my FTP client to goto the site, I click on the catalog to change my homepage and nothing is in the catalog like the tutorial...Ahh did I have a bad install or am I missing soimething in the install??

Leatherface

Leatherface

Posted
Posted
You click on the catalog folder? and its empty?

and your site works?

 

yup sure does...it just doesnt make sense to me as well...But everything seems to be working, I just cant change anyting...And the tutorial seems to make it easier and now I think I got it, but I cant do anything with it...lol...at least as far as changing the looks anyway...Any ideas??

 

Dave

AngelSpeedy

AngelSpeedy

Posted
Posted
osCommerce MS2 does not come with this password protection as part of the install - you have to do it yourself.

 

The easiest way is to do the following:

 

1. FTP to your site and rename the 'admin' folder to something unique - because if it can't be found it can't be hacked.

2. Then in admin/includes/configure.php change the two references to /admin/ to /newname/

3. Then go to your Web Hosting control panel (not the osCommerce admin panel), and use the Password or Directory Protection feature to protect the newly renamed admin folder.

 

Vger

 

Tks Vger works for me B)

 

Cya and Tks... :P

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...