Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Securing your admin section w/o chmod


Guest

Recommended Posts

How do I disallow any internet user from going to my admin page and destroying my site at will... www.focus-computers.com/admin (please don't destroy it :-))

 

I have read that the .htacccess file and/or chmod will solve the problem of securing your admin section of osCommerce on Apache/Unix based installs of osCommerce, but I haven't been able to find much help on this subject using:

 

Windows 2000 Server

IIS5.0

Latest version of PHP

Latest version of mySQL

Latest version of osCommerce

 

Is this just simply impossible? :unsure:

 

Thanks for any insight!

 

-Jeff

Link to comment
Share on other sites

If you are working on the local machine you can move your whole admin folder outside of the area that is public.

Or just rename the folder to something like mydoghasfleas and bury it down a directory or two. Just make sure to get the paths right in the config file

 

You'd be surprised how many people gain security through obfuscation.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

If your host provides a password protection..just password protect the admin folder.

 

If your host does not, then you can also get an htaccess script.

 

I won't post the script I use, because someone will think I'm spamming.

 

This is the way I do it, but there's probably other ways also, that I don't know.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...