Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

What's the worst a hacker can do?


ComposerDainis

Recommended Posts

So, I'm getting closer to implementing osC in a non-secure environment. Payment will be handled by Paypal or 2Checkout, so the CC transactions will all be secure. My osC admin will not be in a secure space.

 

My question is: Should I rethink my store setup and purchase SSL? So, the post below states that "black hat hackers" could get into a non-secure admin area.

 

If somebody decided to be mean, could they edit the names of my customers, maybe even delete orders and such? What's the worst a hacker can do?

 

From thread:

http://www.oscommerce.com/forums/viewtopic.php?t=55144

 

I sure hope someone knows how to get both SSL and .htaccess to work in harmony, because this leaves the Administration section open to black hat hackers.
Link to comment
Share on other sites

mmm. The admin area doesn't hold your customer details, does it??

 

Such details are held onn the server SQL which is password protected and no even available to me via ftp.

 

If you are worried that the password to your database is in the configure.php you can delete it and then re-enter it each time you log on or transfer the admin to a local compter.

 

I suppose transferring the admin will reauire all new defines in admin, but it should work I think.

 

Just a few ideas??? :?

 

Roger

facts invariably distort the truth

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...