peppers Posted May 3, 2003 Posted May 3, 2003 I osCommerce version is 2.2 ms1, after install. The guest can browse and modify admin pages directly. My admin tools directory is http://mydomain/catalog/admin , at this time everyone can use that.. :( What can i solve this security risk? Any veteran help me? I'am a rookie, thanks!!!!!! :oops:
thunderbirdnest Posted May 3, 2003 Posted May 3, 2003 you would need to setup a htaccess file... what control panel do you use on your server? (EX: Ensim, Cpanel, etc...?) so of these prgs, allow you to add this file with a few clicks otherwise you will have to create this yourself. http://www.washington.edu/computing/web/pu...g/htaccess.html <-- read more there :-D
networkdad Posted May 3, 2003 Posted May 3, 2003 Secure up the directory. If you don't know how...start reading up on .htaccess (if you are using linux/apache) http://javascriptkit.com/howto/htaccess.shtml You may be able to secure the directories thru your control panel (if you have one). If you dont know what i'm talking about, i'd ask your hosting provider for some help on securing the directory.
orchard Posted May 3, 2003 Posted May 3, 2003 Password protect the directory, either using tools in your host's control panel (or equivalent) or by using a .htaccess file. In olden times the men were made of iron and the ships were made of wood; now it's the other way around. :wink:
peppers Posted May 3, 2003 Author Posted May 3, 2003 Very useful tips, so thanks all veteran: :o but i feel sorry, i don't know what type control panel on my server.. (because i am rookie :( ) :oops: I think i need use notepad create .htaccess, and .htpasswd. I see introduction document already, is very useful. but step is not cleanly. Who Veteran can teach me procedure to do that, i will thanks faithfully :oops:
networkdad Posted May 3, 2003 Posted May 3, 2003 Very useful tips, so thanks all veteran: :o but i feel sorry, i don't know what type control panel on my server.. (because i am rookie :( ) :oops: I think i need use notepad create .htaccess, and .htpasswd. I see introduction document already, is very useful. but step is not cleanly. Who Veteran can teach me procedure to do that, i will thanks faithfully :oops: I'm not sure i can make the instructions any clearer than the one's on this page: http://javascriptkit.com/howto/htaccess3.shtml I'd suggest you ask your hosting provider to lock up the appropriate directory.
Hunkah Posted May 6, 2003 Posted May 6, 2003 http://www.freewebmasterhelp.com/tutorials/htaccess/ Here is another
jaysin Posted May 6, 2003 Posted May 6, 2003 You can use this contribution http://www.oscommerce.com/community/contributions,1 8)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.