Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

password protect and sescure windows 2003 IIS running os commerce admin


sanchito75

Recommended Posts

HI all,

There are alot of great articles on the forums about password protecting the admin for non windows servers , but not a lot of real great visual examples of HOW- TO-DO it for Windows 2003 servers and IIS. For those of you that have your own Windows 2003 web server and you are using IIS for hosting os commerce, this link will help you lock it down the simple way.

 

In my Scenario this works perfect for me as I am hosting this server on my own VMWARE server running windows 2003 VM and I am not sharing this server with anyone else websites. SO PLEASE DO YOUR HOMEWORK FIRST BEFORE DOING ANYTHING BELOW.

 

Preferred Requirements: READ ME FIRST!!!!!!!!!!

1) You must have administrator rigghts to access the server

2) You must be able to RDP (remote Desktop or other remote tools such as VNC and pcnywhere) into the servers public IP or private if you are hosting it yourself or have remote access to the IIS admin tool :)

3) Ensure that if you are sharing this web hosting server with other people that you check with them you can do this. If it is being hosted at hosting company definetly check with their technical support

 

Step1)

Follow this link

http://www.hostmysite.com/support/dedicate...asswordprotect/

 

In this documenation subsitute the oscommerce admin folder for their folder and DO NOT apply this to DEFAULT WEBSITE as you will lock everyone out of the site. Apply only to the admin ( or whatever you named it) folder. If you have any quesitons ask before doing this.

 

Step2) Apply IP Filters to the admin site. Applying IP filters and allowing only source IP address to access the admin will work even better. You can find more info on this at http://www.iis-resources.com

 

Step3) Apply the SSL using the IIS admin to the os commerce admin folder so that it requires SSL connectivty.

 

Step4) Use the IIS lockdown tool ( http://www.iisanswers.com/articles/IIS_Loc...IISLockdown.htm )

 

Step5) lockdown the windows 2003 web server ( http://www.shebeen.com/win2003/ )

 

If you follows these artilce and be smart by asking questions and doing before backups you will have a pretty secure IIS os commerce server

 

Enjoy

Sanchito

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...