Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Sign in to follow this  
Guest

osc_sec question

Recommended Posts

Guest

If i run ver 2.3.1 do i need to always upated with these addons Did not know if I have to

 

 

 

Thanks

Share this post


Link to post
Share on other sites

Version 2.3.1 does not actually 'need' any of the security addons although it doesn't hurt to use a few of them. osC_Sec was designed for versions earlier than 2.3 so is not mandatory to use on 2.3 and higher.

 

On the issue of updates, the last update 4.2[r8] will be the final update unless some issues arise.


- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Share this post


Link to post
Share on other sites

If i run ver 2.3.1 do i need to always upated with these addons Did not know if I have to

 

 

 

Thanks

You're question is different than the thread title so I'm not sure if this applies but you should install SiteMonitor. Whether or not 2.3 is secure doesn't mean your host is or that a hacker won't find a new way in tomorrow, or even if someone uploaded a file they didn't mean to. You need to be able to find such changes,which is what SiteMonitor does.


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Share this post


Link to post
Share on other sites

Basically the same. I've uploaded osC_Sec again in the addons section so as to give a better description in the main description box.

 

See the old one here http://addons.oscommerce.com/info/7834

Versus the new one here http://addons.oscommerce.com/info/8283

 

In the process I felt it pertinant to give it a different version number since that will be the last update....yunno...end on a round number. ; )

 

There is a slight difference in the code but not enough to warrant users having to update. I will leave that up to you.


- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Share this post


Link to post
Share on other sites

OK. I was worried that I mis-read that, because I use 2.2 and I have been using the first version all along.

Here, this gives me the opportunity to say Thanks, too. I was using cross-script code and site monitor and a bunch of other code scattered throughout the site and htaccess files, and yours greatly simplified my life. Much Obliged

Share this post


Link to post
Share on other sites

Glad to help.

 

While osC_Sec plugs most of the holes in the proverbial dyke for the 2.2 range, because you are using 2.2, I would still suggest you use Sitemonitor if you were considering not using it.


- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×