Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

i have a double question


xerxes

Recommended Posts

Posted

1, its a good idea to have SSL for security but im

not on a dedicated server. so my question is this

how secure is SSL on a shared box linux box ?

 

i did hear about hackers can steal identity via

session because both the hacker and yourself are

on the same box.

 

2, i have enabled Check/Money Order and configured

that module for "pending" i then pretended to purchase

an item, at the end of my test puchase the message said

words to this effect

"your items will be shipped out to you 4 -5 days"

would'nt it be better if that message said something like

" your items will be sent as soon as we can confirm your payment"

 

how can i change this message without affecting the credit card payments,

as credit cards payments can be confirmed under 5 seconds and i would

need the "your items will be shipped out to you 4 -5 days" message again

 

3 i noticed that the folder "catalog" is often referenced like for example,

installing modules, changing configs or such.

im using a template and though my

shop is working 100% i have no "catalog" folder.

so can someone tell me is this ok?

 

as i said the site, admin and modules seems to be working very well.

 

 

i hope that im allowed to ask so much questions in one post if not then

im sorry and re ask in 3 seperate post

 

thanks in advance

XerXes

Posted

Yeah, it's best to reserve each post for one question, but it's okay.

 

1) SSL is non-negotiable for an e-commerce site. It's a mandate. Customers are giving away their most private details, like their credit card numbers. They'll need reassurance that the data they submit is secure. SSL is a must. See my signature link for more on SSL.

 

2) Go to includes/languages/english/modules/payment/moneyorder.php and tinker with the words there -- just put what you'd like and upload it to the proper directory on your server.

 

3) It's preferable to have your site closer to the root for SEO (search engine optimization). So yes, it's good you don't have a /catalog/ folder, pushing your store one folder away from the root. Simply install the modules as is, as if you don't have a catalog folder.

 

Good luck.

Jason

 

Simple 1-2-3 Intructions on how to get, install and configure SSL

 

The Google Sandbox explained

 

Simple to follow instructions on how to change the look of your OSC

 

How To Make A Horrible OSC Website

 

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

 

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

Posted

hi jpweber

i only now wished that i did see your link before i started to fiddle around.

and as life would have it, i broke my site.

 

i thought i knew best about how to keep hackers out and make my sessions

location more secure :lol: and so i changed the session location from

/tmp to /fre5QTMP. i done this action somewhere in the admin section.

 

what made it worse is i didnt think of creating the new folder for 2 reasons.

1, i dont know where to create it.

2, i thought that the admin does everything else automatic then why not this.

 

now when i goto the test shop i get this message on the top of the screen

" Warning: The sessions directory does not exist: /fre5QTMP. Sessions will not work until this directory is created."

 

i done a search in for this in the forum but did not find anything relating.

so i believe im the only fool that as done this type of action todate.

 

please help, how do i restore this broken file or where is that /tmp directory

because i can not find.

 

thanks in advance

XerXes

Posted

This isn't rocket science. Just change it back to /tmp.

 

If you want to do anything, change the folder name of your admin folder by right-clicking it and selecting "rename" in an FTP tool, or however you do it. Call it something else. All hackers know when they see an OSC site, just type in /admin and they're there. Call it something else. Then go to your (catalog)/admin/includes/configure.php and change all occurrences of "admin" to the newly created folder name.

Jason

 

Simple 1-2-3 Intructions on how to get, install and configure SSL

 

The Google Sandbox explained

 

Simple to follow instructions on how to change the look of your OSC

 

How To Make A Horrible OSC Website

 

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

 

my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...