Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

security .htaccess


inbal571

Recommended Posts

Hi all.

 

at the end of the installation there's a paragraph that says:

"You need to .htaccess your /catalog/admin directory so that it is password protected. You

can use the password manager in your server admin area like cpanel."

 

What does it mean?

 

I get a warning messege in the catalog page that says:

"Warning: I am able to write to the configuration file: /home/imbcom/public_html/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file."

 

Is that the reason for it?

 

I changed the mode of the comfigure.php file to "Read only", but it didn't work.

 

Thanks in advance,

Inbal.

Link to comment
Share on other sites

htaccess means you need to set up an admin user name and password.

Easiest way to do this would be to

1. check your hosts control panel and see if they have a "password protect directory" link and use that

or

2. install one of the several contributions for protecting the admin.

 

otherwise you have to install an htaccess and htpassword file and that can be a pain.

 

Not sure why it would still be readable if you changed it, did you set it to 755 or 644? Can never remember which... if you did, have you tried closing your browser? Might be a caching issue. Not sure.

Wendy James

 

Creativity is allowing yourself to make mistakes. Art is knowing which ones to keep.

Link to comment
Share on other sites

Thanks for the help, i added the password to that directory.

 

but I still get the warning messege. the file is set to 644 (I also tried 444 - and that is read only) but the warning is still there.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...