Xeno Posted August 3, 2017 Posted August 3, 2017 Hi everybody! I am new to this and need some help with one thing. I don´t know how to fix this. Admin HTTP Authentication admin_http_authentication HTTP Authentication has not been set up for the osCommerce Administration Tool - please set this up in your web server configuration to further protect the Administration Tool from unauthorized access. I must be blind or I am just so tired that I can´t see it :( Anyone who can guide me to fix this config? Thanks in advance
beerbee Posted August 3, 2017 Posted August 3, 2017 Hi, additional htaccess protection is to be set under configuration->administrators. You'd have to tick "Protect With htaccess/htpasswd" and keep in mind the advice displayed there in case of problems. Best regards Christoph
Jack_mcs Posted August 4, 2017 Posted August 4, 2017 Xeno If you want the extra security of the two logins, I don't suggest you use that method. Use one you add from an external source, like your control panel. The reason is because the one in the admin will have the same login as the on-page login so if a hacker gets one login, he will automatically have the other one. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
mcmannehan Posted August 4, 2017 Posted August 4, 2017 @Xeno @beerbee you are right 10 hours ago, beerbee said: Hi, additional htaccess protection is to be set under configuration->administrators. You'd have to tick "Protect With htaccess/htpasswd" and keep in mind the advice displayed there in case of problems. Best regards Christoph but sometimes the server is running on nginx or the don't consider the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] than you can insert the follow to your .htaccess <IfModule mod_rewrite.c> RewriteEngine on RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] </IfModule> The clever one learn from everything and from everybody The normal one learn from his experience The silly one knows everything better [socrates, 412 before Christ] Computers help us with the problems we wouldn't have without them! 99.9% of the bugs sit in front of the computer! My programmed add-ons: WDW EasyTabs 1.0.3, WDW Facebook Like 1.0.0 if(isset($this) || !isset($this)){ // that's the question...
MrPhil Posted August 20, 2017 Posted August 20, 2017 If in doubt, simply use your hosting control panel's "password protect a directory" function. If you use it correctly, you'll need to enter an extra ID and password to get to your admin. You can then ignore any warnings in the Administration Tool that you don't have this protection, as often it can't see the hosting method.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.