Guest Posted January 19, 2004 Share Posted January 19, 2004 Aside from regular old directory protection I thought osCommerce had built-in functionality to protect unauthorized users from logging into the Admin area. Mine is wide open without the directory protection and it makes me nervous. What did I miss? Link to comment Share on other sites More sharing options...
HighHobbies.com Posted January 19, 2004 Share Posted January 19, 2004 Mine too... Cant be good in the long run, Any ideas? Link to comment Share on other sites More sharing options...
mattice Posted January 19, 2004 Share Posted January 19, 2004 .htaccess should be more than sufficient to protect it - do a search on the board or on Google on how to install that. Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
Guest Posted January 19, 2004 Share Posted January 19, 2004 IIRC that file should be installed by default, yes? Link to comment Share on other sites More sharing options...
Guest Posted January 19, 2004 Share Posted January 19, 2004 http://www.oscommerce.com/community/contributions,1788 Link to comment Share on other sites More sharing options...
Addy Posted January 19, 2004 Share Posted January 19, 2004 .htaccess would be, but not if your provider runs a IIS server... I cannot create users there and I didn't manage to install the contribution you mention. Instead I get a lot of session-headers errors since installing and removing it! It would be a great improvement if this were a default option in the program... Link to comment Share on other sites More sharing options...
GsmCorner Posted January 19, 2004 Share Posted January 19, 2004 hi, cant you go into your hosting control panel and then File Manager, then password protect the admin directory ? should be somewhere in your control panel anyway.. or install the contrib_AdminAccessWithLevels_1.5.1 contribution ? im new to oscommerce, so i dont know alot about it....but hope that helps Regards Tom Link to comment Share on other sites More sharing options...
thdt98 Posted January 19, 2004 Share Posted January 19, 2004 I had the same problem, I worked on it last night and it worked perfectly well. I found a contribution doing the job very well without a lot of modification. You only need a good FTP properly setup as you need yo see all files like .htaccess You just have to modify the application_top.php ( if I remember) et copying some files and after you have to set your username and password in admin. Backup before it, just in case. Be sure that all files are copied into the right folder (I had this problem last night) But as I am at work and I do not remember witch contribution I used I will post it tonight, UK time. I do know OSC is great but it is not that simple for newbies Thierry Link to comment Share on other sites More sharing options...
thdt98 Posted January 19, 2004 Share Posted January 19, 2004 I posted this as promised Contribution: authorize_admin_by_htaccess http://www.oscommerce.com/community/contributions,1291 Link to comment Share on other sites More sharing options...
bodycraft Posted January 20, 2004 Share Posted January 20, 2004 I tried to use this contribution. And it seems like everything was working fine, up until I got my administrator and password assigned. Then when it asked for login of the administrator, it acted like the password was wrong or something. It kept asking me for log in, and then after three times, would clear and tell me I wasn't authorized. any suggestions? Jeff [email protected] Link to comment Share on other sites More sharing options...
1quicksi Posted January 20, 2004 Share Posted January 20, 2004 Try this one... http://www.oscommerce.com/community/contributions,687/page,2 knowledge base | Contributions | Search Link to comment Share on other sites More sharing options...
thdt98 Posted January 20, 2004 Share Posted January 20, 2004 Hi Jeff I had at the beginning a slight problem like yours, one of the files had not been uploaded proprely and the code to add in application_top.php was not correctly placed. In htacces it is important that the AuthUserFile soit correctly set up to do that you need to know where your admin is placed in your host system. The best is to use telnet or Putty Do you us the password given in the contribution ? If it is the case I think you have to be sure that htacces and passwd are uploaded correctly in the right directory If you follow the installation.txt, it should work I hope it might help, I tried to keep it simple. I learned what I wrote above only the other night. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.