Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Permission 777 required to write files


ashishraj

Recommended Posts

I have successfully installed the MS2. However, while using features where the oscommerce need to write something, like in /images , /backup directory, it requires that the permission for that directory be set to 777, otherwise it gives following error:

Error: Graphs directory is not writeable.

 

If I set that permission, it becomes highly insecure, just anybody can do anything. How do I get around that.

 

Secondly, while installation, oscommerce warns that the admin is insecure. How do I secure that?

 

Thank you friends for your support!

Link to comment
Share on other sites

I wouldn't worry too much about the security of the catalog pages. Remember, any hacker would still have to determine the username and password to FTP to your site, and there's no critical information stored in the catalog. The administration section is another problem, since this potentially gives a hacker access to sensitive information. The best way here is to password protect the administration directory. Make sure to use a password that doesn't break easily.

Link to comment
Share on other sites

  • 1 month later...

I am using mamnoserver and osc with mambo you have to login to admin. cookie,htaccess, and i forget the other right now. I do the cookie for section only .I notice with osc admin is wide open no login or out . Have I screwed up some where here ? I lookd in /admin/login.php there is none ?

There a good link that allso helps with the shipping on how to set it up. canadain shipping last thing i want is to have some one pay and no shipping added :( That would be a no no :)

mambo and osc are pretty darn good so far . I spent all night setting up the images and adding the used computer items and still a ways to go. but I'd like to get the shipping done and then remove the don't buy because nothing will be shipped :)

Link to comment
Share on other sites

ashishraj, if someone has access to your account to blindly write/delete images from your images folder, believe me, that's the least of your problems. All that 777 for your images folder means as all accounts on your unix server can read from write to the images folder. This is needed so osC can write to your images folder. If you disable write, then osC can't write.

 

Backup. Backup. Backup. (Then sleep at night)

- - - -

Sometimes, ignorance is bliss.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...