Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

Which .htaccess contribution to install?


Recommended Posts

I was looking in the sticky thread for oscommerce 2.2 security.

It is suggesting to install the "Protect your site via htaccess" contrinution here:



Is that still the best one to install?


I also found this one that looks quite good and more recent:

Hardcore security for oscommerce htaccess:



Also the osc_sec. oscommerce security addon. It also includes .htaccess protection:



Im also reading here about htacess password protect. Not sure what this is.


Thanks in advance.

Link to comment
Share on other sites

Each one of them serves a slightly different purpose. The middle link is just a test piece and should not be used on a live website. The last link will protect your website from the specific vulnerabilities that plagued version 2.2 of osCommerce. None of them add protection to your admin directory, that is something you will have to do via the cpanel folder protection feature.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

  • 2 months later...

The middle link is just a test piece and should not be used on a live website.


Had 1st link in my old RC2.2a store no problems, am using it in my new PHP 5.4.21 store, no problems. Have tried link 2 in the new store, all OK apart from, Options All -Indexes, php_value session.use_trans_sid 0 and turn off magic_quotes_gpc. Is your advice re the second link still current? Is the second more secure? Which one should I use now please.





Live shop Phoenix on PHP 7.4 Working my way up the versions.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...