Securing The Administration Tool

[Div]

You need to .htaccess your /admin directory so that it is password protected. You can use the password manager in your server admin area like cpanel.

 

Okay I think this is already done but I need to make sure. I accessed my cpanel password area and came to this.

 

/public_html/store/admin

 

It showed a lock next to the admin folder so I looked inside and found a box checked with - Folder requires a password to access via http://

 

and my login account as an active user.

 

Does this mean that I am all set with the .htaccess ??

[241]

Browse to your admin and find out if you are protected then a window will appear asking for username and password if this window does not appear then you are not protected

[Div]

Yes it looks to be protected, thx for the quick reply. Im pretty much new to the OSCommerce so I have a couple of pretty easy questions.

 

Is there a site for free templates?

 

Also, is there any guides to actually setting up the look of the stores front page and such. I have gotten through most of the admin tools and such but I am not really sure how to take out the Default stuff that comes up on the front page and add new things, so if there is a good guide that you could point me to I dont mind the reading :)

[241]

there is the wiki docs now called the colaborative documentation effort a link is in my signature to this and catalog info these will tell you about different areas, as for the rest post in the forum if you read the information on the front page of your site it tells you where and what to change to get rid of the text.

catalog/includes/languages/english/index.php and the code

define('TEXT_MAIN', 'This is a default setup of the osCommerce project...');

and even highlights in green the exact bit of the code to change.

 

A bit of advise do not use the online file manager to edit as it is known to cause issues by removing backslashes from the code which results in parse errors, it is far better to use an ftp program such as ws_ftp to download the file edit and upload the file you are better with the ftp program for chmod permission settings as well.

 

More advise when editing code and adding or changing text be carefull of apostrophes ' such as let's or what's these need to be written as let\'s and what\'s otherwise you will get parse errors because the ' is used as code and miss use of apostrophes gets interpreted as code

[Div]

Think I got the hang of it, just need to know if there are any free themes anywhere, I took a search but found mostly $$ ones.

[241]

just mod it yourself that way you get exactly what you want

[khoward]

I just modified my htaccess file as instructed, and the /admin/ directory is now protected. Problem I am having now is a "500 Internal Server Error".

 

I checked the error log and I two things:

 

-/admin/.htaccess: Missing envariable expression for SetEnvIf

 

-Permission denied unable to check htaccess file, ensure it is readable

 

I looked at the .htmaster/.ok_user file and it says AllowOverride All. In the /admin/.htaccess it says AllowOverride Options. I tried to match (both to ALL) them however this did not work. Still the 500 error.

 

Checked file attributes they are all readable and so are the directories (I didn't change anything).

 

What am I forgetting?