Guest Posted February 25, 2011 Share Posted February 25, 2011 My store is at jgsstore.com - when you click the enter button you get a request for you to enter the admin username/password. The store worked great in the 'sandbox' as well as 'live' (we just went live yesterday) until today and now this. Can any tell me what to do to stop this? Thank you for reading. Link to comment Share on other sites More sharing options...
Guest Posted February 25, 2011 Share Posted February 25, 2011 Gloria, Well, the IP trap worked.....lol You have an .htaccess script in the catalog side of your server which is triggering the .htaccess protection. Remove the protection script in the root .htaccess file Chris Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 Yes I installed it but I never had the problem for at least 24 hours- but yes great to know it works lol But you lost me- are you saying I should delete the public_html/store/.htaccess file? And thank YOU!!! Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 Still need help - please and thank you Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 UPDATE: all of a sudden, at least for me, in firefox, this error seems to have stopped. However, errors do not normally fix themselves so I checked internet explorer and I am still getting the popup asking for admin credentials. I have also been approached by [email protected] (Kaylan) - I can only assume they want money- else I would imagine they could have simply helped me here. Can anyone at all help me on this- please as my partner just keeps adding products to a store there is no way we can possibly use like this. Link to comment Share on other sites More sharing options...
♥kymation Posted February 26, 2011 Share Posted February 26, 2011 Is this login in a popup box or on a page? If it's the popup, look for this code (or something similar) in your root .htaccess file: AuthUserFile /path/to/admin/.passwd AuthName "Protected" AuthType Basic <Limit GET POST PUT> require valid-user </Limit> <Files .passwd> deny from all </Files> If that code exists, delete or comment it out and save. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 Thank YOU! for getting back with me- perhaps this file is the problem- to me my entire .htaccess appears to be commented out- that is what the # sign is for?? --- this is it.... # $Id: .htaccess 1739 2007-12-20 00:52:16Z hpdl $ # # This is used with Apache WebServers # # For this to work, you must include the parameter 'Options' to # the AllowOverride configuration # # Example: # # <Directory "/usr/local/apache/htdocs"> # AllowOverride Options # </Directory> # # 'All' with also work. (This configuration is in the # apache/conf/httpd.conf file) # The following makes adjustments to the SSL protocol for Internet # Explorer browsers #<IfModule mod_setenvif.c> # <IfDefine SSL> # SetEnvIf User-Agent ".*MSIE.*" \ # nokeepalive ssl-unclean-shutdown \ # downgrade-1.0 force-response-1.0 # </IfDefine> #</IfModule> # If Search Engine Friendly URLs do not work, try enabling the # following Apache configuration parameter # AcceptPathInfo On # Fix certain PHP values # (commented out by default to prevent errors occuring on certain # servers) # php_value session.use_trans_sid 0 # php_value register_globals 1 Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 sorry - I should have said - definitely a popup -like what one gets when going to cpanel--- not on a page -- Link to comment Share on other sites More sharing options...
♥kymation Posted February 26, 2011 Share Posted February 26, 2011 That sounds like a .htaccess security popup, but there's nothing in that .htaccess. Yes, everything is commented out. Is your store in the root? If it's installed in a subdirectory, check that as well as the site root. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 No it is jgsstore.com/store/ --within the store folder is the only .htaccess I have --none in true root There is however, the robots.txt file that the directions for the IP trap told me to put it in the root --"needs to be in the ROOT of your store regardless where your actual store is' --the contents of that file are... User-agent: * Disallow: /store/includes/ Disallow: /store/cgi-bin/ Disallow: /store/personal/ Disallow: /store/admin/ NOTE: the /store/admin/ is not the real admin apparently. The /store/personal/ folder nor the /store/cgi-bin/ actually even exist. Doing a search has also revealed there to be an .htaccess file in the /store/includes/ folder -- all is commented out except.. <Files *.php> Order Deny,Allow Deny from all </Files> And still searching, I have found another .htaccess file in /store/my-real-admin/ folder (again, of course my-real-admin is not a real folder) and at the bottom is something similar to what you said to begin with.... ##### OSCOMMERCE ADMIN PROTECTION - BEGIN ##### AuthType Basic AuthName "osCommerce Online Merchant Administration Tool" AuthUserFile /home/jgsstore/public_html/store/my-real-admin/.htpasswd_oscommerce Require valid-user ##### OSCOMMERCE ADMIN PROTECTION - END ##### And again, thank YOU!!! for all your time and trouble!! Link to comment Share on other sites More sharing options...
♥kymation Posted February 26, 2011 Share Posted February 26, 2011 That last chunk of code is what osCommerce uses to protect your Admin. That's what causes the login popup to appear. Normally I would expect this to be in the site root or your store/ folder. It would have to be in the .htaccess file to work. The popup is showing "osCommerce Online Merchant Administration Tool" which leads me to believe it is a copy of the .htaccess from the Admin side. If that .htaccess is not in the store root, then it must be in a subdirectory somewhere. Look through all of the subdirectories for .htaccess files and examine them all for the code you posted (or something similar.) Some subdirectories should have .htaccess files, but none of them should include that code. An easy way to do that is to search for text in all of your files using the search term "AuthType Basic". Your editor or computer operating system has a search feature that will do this for you. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 OK yes it was def that last .htaccess file found in the store's admin folder and NOT the root ........whew!!!!!!! thank YOU!!!!!!!!! Link to comment Share on other sites More sharing options...
♥kymation Posted February 26, 2011 Share Posted February 26, 2011 The .htaccess in the admin folder should not affect the store. If that was truly the case, you have a serious problem with your installation. You need to find out what part of your store is calling content from the admin side and fix that. If you removed the .htaccess protection from your real admin, you have left your site open to hacking. This is very bad. Don't leave your admin unprotected. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 I would not even know where to begin but yes the .htaccess file I 'fixed' was def in my real admin folder. So yea I have no clue where to look since there's not one in my /store/ folder. All was fine until I installed the IP trap - maybe I should go back and remove the comment marks in the admin/.htaccess file - then remove the IP trap stuff? Link to comment Share on other sites More sharing options...
♥kymation Posted February 26, 2011 Share Posted February 26, 2011 It's possible that your IP Trap is causing the problem. I haven't used that code so I don't know where it might have gone wrong. You should ask in the support thread for that Addon. And yes, by all means put the .htaccess protection back on your real admin folder as soon as you can. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 Thank you again, I fixed the admin .htaccess file which immediately caused the popup admin login again. I then completely removed the IP trap which was very simple since it did not overwrite any files to begin with. Unfortunately I am still getting the admin popup login. If it is not something that has occurred 'easily' within the admin area due to some nutty change, then I really don't have a clue. Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2011 Share Posted February 26, 2011 would it not have to first be called from the store/index.php- of course I realize it could then be called from another source. Link to comment Share on other sites More sharing options...
♥kymation Posted February 26, 2011 Share Posted February 26, 2011 Yes, something on the catalog side has to be including an image or some other file from the admin side. First, check your includes/configure.php for any references to your admin folder name. If you don't find it there, do a text search for that name through the entire catalog side of the store. Somewhere in there you will find a reference to your admin. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
Xpajun Posted February 27, 2011 Share Posted February 27, 2011 Yes, something on the catalog side has to be including an image or some other file from the admin side. First, check your includes/configure.php for any references to your admin folder name. If you don't find it there, do a text search for that name through the entire catalog side of the store. Somewhere in there you will find a reference to your admin. Regards Jim You mean like inadvertently replacing the catalog/includes/configure.php with the catalog/"admin"/includes/configure.php ? My store is currently running Phoenix 1.0.3.0 I'm currently working on 1.0.7.2 and hope to get it live before 1.0.8.0 arrives (maybe 🙄 ) I used to have a list of add-ons here but I've found that with the ones that supporters of Phoenix get any other add-ons are not really neccessary Link to comment Share on other sites More sharing options...
Guest Posted February 28, 2011 Share Posted February 28, 2011 The config files - I can easily tell they are in their proper place due to the one in the admin calling on the admin folder-- the config file in the store/includes does not. How do I search WITHIN files on windows 7 --I do not see a way to do that - I tried tools/folder options/search tab and chose to always search file names and contents --but if that's right, it did not reveal my admin folder. Link to comment Share on other sites More sharing options...
♥kymation Posted February 28, 2011 Share Posted February 28, 2011 I don't know Windows 7 so I can't give specific instructions. What you did sounds right. Did the search find the new Admin folder itself? There could also be something in the .htaccess file in the store root. Try renaming that temporarily and see what happens. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
Guest Posted February 28, 2011 Share Posted February 28, 2011 We had already determined it was not the .htaccess file as everything in it has been commented out. But what is strange, is that so far today the pop-up has not been there. I do not know what is going on- all seems very fishy somehow. I am reinstalling to yet another different folder -hoping the backup actually works and then if it does, and this mess starts again, I really don't see any choice but to use another cart software product. Thanks all - especially JIM! Link to comment Share on other sites More sharing options...
♥kymation Posted February 28, 2011 Share Posted February 28, 2011 Sorry, I sometimes forget what I've said in a thread. It comes from trying to do several things at the same time, a task that programmers are particularly unsuited for. I'm out of ideas at this point. I've never seen a problem like this come and go, nor have I seen one that isn't caused by some attempt to pull content from the protected admin folder. Given all that, I can't believe that osCommerce is at fault. I've installed and modified dozens of installations of osC, and there are many more that others have done here, all without having this problem. I'm beginning to wonder if your host has somehow messed up their server. That's far more likely than osCommerce being the culprit. Regards Jim See my profile for a list of my addons and ways to get support. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.