Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Securing the admin area ?


graphicsmart

Recommended Posts

Thanks for the input Jason, but I am trying to get this install working locally. I have the installation complete on my own machine / Apache server. I plan to upload once I have all the bugs worked out locally. I just wanted to secure the local admin panel on the Apache server on my own machine... no Control Panel there per se. Is there a way to add in a plesk control panel or some other so that I have that ability locally? Not sure about this. Thanks, Wayne Strickland

 

P.S. I am really wanting to also secure the whole Apache Server that I have installed. I am unsure how to assure that it is secure on my local port... so I have been disconnecting from my internet connection when testing things locally. Any input you have about that would be appreciated also, again... thanks for your input!

GraphicSmart / Wayne Strickland

Link to comment
Share on other sites

Why on earth do you want to secure admin on your local machine?? Do other people have access to your computer or something? I leave mine unprotected locally, and then password protect it when it gets uploaded to the webserver using the Password Protect feature provided by my host. If you want to protect it then Bill's instructions in the other post should help.

Link to comment
Share on other sites

As you can tell, I am a novice here ... and I was concerned with security on the whole Apache server. I therefore was trying to make sure that the install on the osCommerce was secure because the documentation tells me to make sure to secure the admin panel on the server. I guess that I really need to assure that the Apache server / PHP/ mySqlServer is secure from internet attack if I have the server up and running while connected to the internet as well. Then everyting there would be secure... including the osCommerce install that I have on it. Am I concerened over nothing... or do I just need to make sure that port 80 is secure so that I will not have any problems from the internet while running the Server while online?? I hope that I am making some sense here!? Thanks again, Wayne

GraphicSmart / Wayne Strickland

Link to comment
Share on other sites

Is this your computer that you're running as a server to the outside world or just as a test bed server? If it's the later then you don't really need to secure it (other than for good practise/getting into good habits.) If it's the former then you want to be thinking of security, but this probably isn't the place to ask (or at least ask in one of the other fora rather than the osc specific ones.)

 

Here is a good place to start:

http://httpd.apache.org/docs/1.3/misc/security_tips.html

Link to comment
Share on other sites

At this time I am only wanting to use this as a test bed server .... but I have been concerned that it can be accessed via the web whenever I have the Apache server operating while connected to the internet at the same time. I do want anyone to be able to mess with this osCommerce install or anything else on my machine. I was thinking that there was a way to go thru my port 80 whenever both were running.... Apache and my internet connection. I appreciate the link to apache.org and I will check that out. I just do a whole bunch with this computer and full time college online is one.. so I cannot handle attacks and alot of down time. Thanks you all for all your input... I hope that I can keep this all secure. I will ready further from the sources that you have suggested... Thanks!

GraphicSmart / Wayne Strickland

Link to comment
Share on other sites

If you are running Apache locally you don't have to worry about locking down admin folders or ports on your local machine. You should have firewalls etc running which take care of protecting your computer. When you move your site to your webserver then you need to lock down admin. Your host will have taken care of server security.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...