trisilla Posted January 12, 2007 Posted January 12, 2007 I installed Oscommerce on Godaddy and I am getting this error on the top of my website. Warning: I am able to write to the configuration file: /catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file. I called Godaddy and they wont change the permissions on the file. They told me the only way that I can get this error to go away is to change the htaccess and htpassword file. I have tried to do my homework on this and I am stumped. They also told me that Oscommerce has huge security holes in it and I should pick another software package. Is this true? If I secure my admin area & change these files will my credit card info be secure? I also have a ssl installed? Can someone please tell me what to do? Thanks, Carolyn
mrserv0n Posted January 12, 2007 Posted January 12, 2007 Well I switched to go daddy also recently and for some reason it doesn't read there permissions the same as other hosts. You just change the file manually in your ftp. They don't need to do it, open your ftp, I use cuteftp, right click the file go to properties and change the permission to one oscommerce will accept. As far as security I seen several of these oscommerce ones get hacked, I mean I would defiantly not store customer credit card info on your site. Once I get an order I get it out of my database. But this software is free and developed by the common man more or less so you get what you pay for I spose. Also with godaddy you cannot pw protect folders from there control panel, I went through the htaccess hell with them also with no results. Someone pointed me to an admin plugin that let me pw protect my admin page, I recommend that even though it is pretty basic.
usernamenone Posted January 12, 2007 Posted January 12, 2007 This is the contrib to secure your admin. http://www.oscommerce.com/community/contri...ogin-Logout_1_3 there is also the admin includes configure that you need to change permissions on, then delete or rename your install folder.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.