Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

osc_sec question


Guest

Recommended Posts

Version 2.3.1 does not actually 'need' any of the security addons although it doesn't hurt to use a few of them. osC_Sec was designed for versions earlier than 2.3 so is not mandatory to use on 2.3 and higher.

 

On the issue of updates, the last update 4.2[r8] will be the final update unless some issues arise.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

If i run ver 2.3.1 do i need to always upated with these addons Did not know if I have to

 

 

 

Thanks

You're question is different than the thread title so I'm not sure if this applies but you should install SiteMonitor. Whether or not 2.3 is secure doesn't mean your host is or that a hacker won't find a new way in tomorrow, or even if someone uploaded a file they didn't mean to. You need to be able to find such changes,which is what SiteMonitor does.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Basically the same. I've uploaded osC_Sec again in the addons section so as to give a better description in the main description box.

 

See the old one here http://addons.oscommerce.com/info/7834

Versus the new one here http://addons.oscommerce.com/info/8283

 

In the process I felt it pertinant to give it a different version number since that will be the last update....yunno...end on a round number. ; )

 

There is a slight difference in the code but not enough to warrant users having to update. I will leave that up to you.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

OK. I was worried that I mis-read that, because I use 2.2 and I have been using the first version all along.

Here, this gives me the opportunity to say Thanks, too. I was using cross-script code and site monitor and a bunch of other code scattered throughout the site and htaccess files, and yours greatly simplified my life. Much Obliged

Link to comment
Share on other sites

Glad to help.

 

While osC_Sec plugs most of the holes in the proverbial dyke for the 2.2 range, because you are using 2.2, I would still suggest you use Sitemonitor if you were considering not using it.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...