Which .htaccess contribution to install?

[karoloydi 0]

I was looking in the sticky thread for oscommerce 2.2 security.

It is suggesting to install the "Protect your site via htaccess" contrinution here:

http://addons.oscommerce.com/info/6066

 

Is that still the best one to install?

 

I also found this one that looks quite good and more recent:

Hardcore security for oscommerce htaccess:

http://addons.oscommerce.com/info/8296

 

Also the osc_sec. oscommerce security addon. It also includes .htaccess protection:

http://addons.oscommerce.com/info/8283

 

Im also reading here about htacess password protect. Not sure what this is.

 

Thanks in advance.

[Taipo 36]

Each one of them serves a slightly different purpose. The middle link is just a test piece and should not be used on a live website. The last link will protect your website from the specific vulnerabilities that plagued version 2.2 of osCommerce. None of them add protection to your admin directory, that is something you will have to do via the cpanel folder protection feature.

[mhsuffolk 62]

The middle link is just a test piece and should not be used on a live website.

 

Had 1st link in my old RC2.2a store no problems, am using it in my new 2.3.3.4 PHP 5.4.21 store, no problems. Have tried link 2 in the new store, all OK apart from, Options All -Indexes, php_value session.use_trans_sid 0 and turn off magic_quotes_gpc. Is your advice re the second link still current? Is the second more secure? Which one should I use now please.

 

Martin

 

Martin