PrettyPink Posted February 6, 2004 Share Posted February 6, 2004 Hi! We are running a oscommerce based website that offers downloadable software components. Recently, one of our prospects inadvetantly revealed that he has already downloaded some .php files (actually, files for a custom payment gateway) that he could lay hands on! (files that were actually a part of our own site's payment processing system .. in /includes/modules/payment/ .. not the ones in /download/ folder). This was quite a bolt from the blue for us. If I could, I could give a link to the site here itself .. but I would not, because that is against the forum rules! Could you pls. point out what all could have been wrong in using oscommerce for offering such solutions and our demos? From our side, we have given appropriate permissions (444) all the way and have also secured our admin folder with .htaccess based password protection. Any help would be most appreciated. Rgds PP Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.