samdel17 Posted March 20, 2006 Posted March 20, 2006 Hi! I've just installed oscommerce application on one of my client's web server and I've noticed this one from the default hompage: ======================== Securing The Administration Tool It is important to secure the Administration Tool as there is currently no security implementation available. ======================== I've noticed that the application was installedin the following path http://www.<myclients_website>.com/oscommerce/catalog/ and the admin can be found by simply adding that "admin" folder such as the following http://www.<myclients_website>.com/oscommerce/catalog/ 2 questions, is there anyway I can rename that "oscommerce" folder directory as I don't feel its a good idea to tell the wholeworld I'm using oscommerce*laughs*. I've noticed that some oscommerce website has no "oscommerce" folder instead their path is http://www.<myclients_website>.com/catalog/ or http://www.<myclients_website>.com/storefron/catalog/ how do I do that? Secondly, how do I secure the "administration" tool as I noticed that any users can just access my admin page by simply adding "/admin" to http://www.<myclients_website>.com/oscommerce/catalog/. Any help will be appreciated. Thanks! Sam
ian123 Posted March 20, 2006 Posted March 20, 2006 I have same issue as you this, I have searched this forum but cant find any results, if you find out how to solve the issues you mentioned then please let me know
kgt Posted March 20, 2006 Posted March 20, 2006 Both of your questions have been answered multiple times. You will find plenty of information: http://www.google.com/search?hl=en&q=renam...G=Google+Search http://www.google.com/search?hl=en&lr=&q=p...com&btnG=Search You can request clarification if you don't understand. Contributions Discount Coupon Codes Donations
ian123 Posted March 20, 2006 Posted March 20, 2006 Both of your questions have been answered multiple times. You will find plenty of information: http://www.google.com/search?hl=en&q=renam...G=Google+Search http://www.google.com/search?hl=en&lr=&q=p...com&btnG=Search You can request clarification if you don't understand. I have managed to sort change the names of the folders etc, I am testing OScommerce on my local host and I want to protect the admin folder and all the other folders, the above reply just tell you to protect your folders via your host, how can i protect all the folders that dont need to be seen. Also what are all these htt.access files. if they are to protect your folders then why dont they work. Thanks
spax Posted March 21, 2006 Posted March 21, 2006 If you want to protect your folders because you are on a shared computer, search your Windows help for password. Other than that, your firewall should protect you from hacking.
custodian Posted March 21, 2006 Posted March 21, 2006 the .htaccess work great, but they are not for your local system. When you veiw any folder with your web browser on a web server, the .htaccess files work flawlessly. My Contributions Henry Smith
♥Vger Posted March 21, 2006 Posted March 21, 2006 Be aware that .htaccess doesn't work on Windows servers. You'll need to use the Password or Directory Protection feature in your web hosting control panel for Password Protection on Windows. Vger
Recommended Posts
Archived
This topic is now archived and is closed to further replies.