Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

NEEDN URGENT Advise Security Problem


Ozguru

Recommended Posts

Please Help

 

I am at a friends places doing some work and decided to log on to do admin on site i've built, I go to page and it opens to the admin page but i am not challanged for a logon and can just move around with out any trouble .. i have never logged on with this machine before so i should have been challanged and i cant seem to find anywhere to fix it or how to fix it

 

 

Desprately waiting as this store is supposed to go live 11/12/06

 

Thanks

 

Bryen "Ozguru" faithfull

Link to comment
Share on other sites

The big question is if your admin ever was protected and how. Did you add a .htaccess and pw to your admin folder or did you add a login contribution?

 

There are so many different versions around, specially with the scripts webhosts offer now, that it's impossible to tell if you have the original (unprotected) version or anything else. Just elaborate a bit more of what osC you got.

 

abra

The First Law of E-Commerce: If the user can't find the product, the user can't buy the product.

 

Feedback and suggestions on my shop welcome.

 

Note: My advice is based on my own experience or on something I read in these forums. No guarantee it'll work for you! Make sure that you always BACKUP the database and the files you are going to change so that you can rollback to a working version if things go wrong.

Link to comment
Share on other sites

Ok elaberating

 

Yes osc 2.2 when it was first installed i had to logon with username and password there are no mods

 

the user name and password where set on installation of osc and the pssword and username are still reqired to access the main domain for frontpage of the websight and the cpanel but not when i go to edit the shop /store/admin

 

 

is this enough info ?

Link to comment
Share on other sites

Sounds as if you only used your admin from within your password protected cpanel and that it was not really protected from the outside world. Just protect the admin directory from within the cpanel and maybe add an admin login contribution.

 

abra

The First Law of E-Commerce: If the user can't find the product, the user can't buy the product.

 

Feedback and suggestions on my shop welcome.

 

Note: My advice is based on my own experience or on something I read in these forums. No guarantee it'll work for you! Make sure that you always BACKUP the database and the files you are going to change so that you can rollback to a working version if things go wrong.

Link to comment
Share on other sites

Please Help

 

I am at a friends places doing some work and decided to log on to do admin on site i've built, I go to page and it opens to the admin page but i am not challanged for a logon and can just move around with out any trouble .. i have never logged on with this machine before so i should have been challanged and i cant seem to find anywhere to fix it or how to fix it

Desprately waiting as this store is supposed to go live 11/12/06

 

Thanks

 

Bryen "Ozguru" faithfull

 

Have you removed the cookies from your browser? If your admin cookie is still present you will not be challenged to log in because of it.

Don't give up. I see light ahead...!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...