HDLLC Posted November 15, 2006 Posted November 15, 2006 Hi- Wanting to get some kind of security in place (password, or the like) for my new install. I'm pretty new to OSC - but looked around. Wanted to see what others are doing for security on the admin portion - and what might work best, and the ins and outs. (htaccess file, permissions on admin folder, contribution, etc.) Thanks in advance! --Jeff
Daemonj Posted November 15, 2006 Posted November 15, 2006 Most people use a combination of .htaccess and an admin contribution and the use of SSL. "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
yort Posted November 16, 2006 Posted November 16, 2006 Most people use a combination of .htaccess and an admin contribution and the use of SSL. So how do "most people do that"? I have ssl but it isnt utilized until customers access there account or the shopping cart. What do you change in .htacess? Do you make the changes to .htacces under root or the file in the admin directory? Sorry Im new. :blush: and dislecsic .htaccess I mean
egattocs Posted November 16, 2006 Posted November 16, 2006 So how do "most people do that"? I have ssl but it isnt utilized until customers access there account or the shopping cart. What do you change in .htacess? Do you make the changes to .htacces under root or the file in the admin directory? Sorry Im new. :blush: and dislecsic .htaccess I mean There is a good guide to .htaccess found here http://www.javascriptkit.com/howto/htaccess3.shtml That link will take you to the part about password protection using .htaccess. I hope that helps! Scott
Daemonj Posted November 16, 2006 Posted November 16, 2006 Most server's control panels have a File Manager or a Password Protection icon. You drill down to where you can select the admin folder and then supply a username and password. You can also go to http://www.webmaster-toolkit.com/htaccess-generator.shtml and enter the username, password, and full path to the admin folder in the respective boxes. Then upload the .htaccess and .htpasswd files to your admin folder via ftp. "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
HDLLC Posted November 16, 2006 Author Posted November 16, 2006 Most server's control panels have a File Manager or a Password Protection icon. You drill down to where you can select the admin folder and then supply a username and password. You can also go to http://www.webmaster-toolkit.com/htaccess-generator.shtml and enter the username, password, and full path to the admin folder in the respective boxes. Then upload the .htaccess and .htpasswd files to your admin folder via ftp. Thanks a ton Jim! Much appreciated! --Jeff
HDLLC Posted November 16, 2006 Author Posted November 16, 2006 One Question- I used that code, then appended the .htaccess file already in my Admin folder... I added the password file it generated too. Now, all it does is as for the username and password. Constantly. I never see the page - just keeps asking for the login/pw info... Any ideas? --Jeff
Daemonj Posted November 17, 2006 Posted November 17, 2006 Did you enter the full path to your admin folder? For example - /home/webs/user/public_html/admin "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
HDLLC Posted November 17, 2006 Author Posted November 17, 2006 Did you enter the full path to your admin folder? For example - /home/webs/user/public_html/admin It's in there - just repeatedly asks for the login information... I have not a clue. The path is full - actually copied from my configure.php file to be certain... Any ideas? Thanks!
HDLLC Posted December 6, 2006 Author Posted December 6, 2006 It's in there - just repeatedly asks for the login information... I have not a clue. The path is full - actually copied from my configure.php file to be certain... Any ideas? Thanks! End user problem - (me). Pulled all of it out, put it back - viola - it works! Sorry - was out for a bit, back into things now. Thanks again for the help! --HD
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.