graphicsmart Posted March 1, 2007 Share Posted March 1, 2007 Can anyone tell me the best way to secure the admin area by password? Thanks! GraphicSmart / Wayne Strickland Link to comment Share on other sites More sharing options...
hugejeans Posted March 1, 2007 Share Posted March 1, 2007 Can anyone tell me the best way to secure the admin area by password? Thanks! http://www.oscommerce.com/forums/index.php?showtopic=252188 I found this the other day but haven't had time to try it out so don't know if it works, give it a go and let me know how you get on. Link to comment Share on other sites More sharing options...
jasonabc Posted March 1, 2007 Share Posted March 1, 2007 Click the Password Protect Directories link/icon in your web hosting control panel. Jason My Contributions: Paypal Payflow PRO | Rollover Category Images | Authorize.net Invoice Number Fix Link to comment Share on other sites More sharing options...
graphicsmart Posted March 1, 2007 Author Share Posted March 1, 2007 Click the Password Protect Directories link/icon in your web hosting control panel. GraphicSmart / Wayne Strickland Link to comment Share on other sites More sharing options...
graphicsmart Posted March 1, 2007 Author Share Posted March 1, 2007 Thanks for the input Jason, but I am trying to get this install working locally. I have the installation complete on my own machine / Apache server. I plan to upload once I have all the bugs worked out locally. I just wanted to secure the local admin panel on the Apache server on my own machine... no Control Panel there per se. Is there a way to add in a plesk control panel or some other so that I have that ability locally? Not sure about this. Thanks, Wayne Strickland P.S. I am really wanting to also secure the whole Apache Server that I have installed. I am unsure how to assure that it is secure on my local port... so I have been disconnecting from my internet connection when testing things locally. Any input you have about that would be appreciated also, again... thanks for your input! GraphicSmart / Wayne Strickland Link to comment Share on other sites More sharing options...
jasonabc Posted March 1, 2007 Share Posted March 1, 2007 Why on earth do you want to secure admin on your local machine?? Do other people have access to your computer or something? I leave mine unprotected locally, and then password protect it when it gets uploaded to the webserver using the Password Protect feature provided by my host. If you want to protect it then Bill's instructions in the other post should help. Jason My Contributions: Paypal Payflow PRO | Rollover Category Images | Authorize.net Invoice Number Fix Link to comment Share on other sites More sharing options...
itinerant baker Posted March 1, 2007 Share Posted March 1, 2007 http://www.google.co.uk/search?q=.htaccess...lient=firefox-a The javascriptkit.com link (probably) at the top gives a good outline rundown of what .htaccess can do. Link to comment Share on other sites More sharing options...
graphicsmart Posted March 1, 2007 Author Share Posted March 1, 2007 As you can tell, I am a novice here ... and I was concerned with security on the whole Apache server. I therefore was trying to make sure that the install on the osCommerce was secure because the documentation tells me to make sure to secure the admin panel on the server. I guess that I really need to assure that the Apache server / PHP/ mySqlServer is secure from internet attack if I have the server up and running while connected to the internet as well. Then everyting there would be secure... including the osCommerce install that I have on it. Am I concerened over nothing... or do I just need to make sure that port 80 is secure so that I will not have any problems from the internet while running the Server while online?? I hope that I am making some sense here!? Thanks again, Wayne GraphicSmart / Wayne Strickland Link to comment Share on other sites More sharing options...
itinerant baker Posted March 1, 2007 Share Posted March 1, 2007 Is this your computer that you're running as a server to the outside world or just as a test bed server? If it's the later then you don't really need to secure it (other than for good practise/getting into good habits.) If it's the former then you want to be thinking of security, but this probably isn't the place to ask (or at least ask in one of the other fora rather than the osc specific ones.) Here is a good place to start: http://httpd.apache.org/docs/1.3/misc/security_tips.html Link to comment Share on other sites More sharing options...
graphicsmart Posted March 1, 2007 Author Share Posted March 1, 2007 At this time I am only wanting to use this as a test bed server .... but I have been concerned that it can be accessed via the web whenever I have the Apache server operating while connected to the internet at the same time. I do want anyone to be able to mess with this osCommerce install or anything else on my machine. I was thinking that there was a way to go thru my port 80 whenever both were running.... Apache and my internet connection. I appreciate the link to apache.org and I will check that out. I just do a whole bunch with this computer and full time college online is one.. so I cannot handle attacks and alot of down time. Thanks you all for all your input... I hope that I can keep this all secure. I will ready further from the sources that you have suggested... Thanks! GraphicSmart / Wayne Strickland Link to comment Share on other sites More sharing options...
graphicsmart Posted March 1, 2007 Author Share Posted March 1, 2007 I do not want... of course ... sorry for the typo. ^_^ GraphicSmart / Wayne Strickland Link to comment Share on other sites More sharing options...
jasonabc Posted March 1, 2007 Share Posted March 1, 2007 If you are running Apache locally you don't have to worry about locking down admin folders or ports on your local machine. You should have firewalls etc running which take care of protecting your computer. When you move your site to your webserver then you need to lock down admin. Your host will have taken care of server security. Jason My Contributions: Paypal Payflow PRO | Rollover Category Images | Authorize.net Invoice Number Fix Link to comment Share on other sites More sharing options...
graphicsmart Posted March 1, 2007 Author Share Posted March 1, 2007 Wonderful... I can see that I have been overly concerned.... Thanks! GraphicSmart / Wayne Strickland Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.