Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

how good is .htaccess?


rockstar

Recommended Posts

how good is this .htaccess tool? is it as good as actually securing the admin folder with ssl? I just installed osc on a server and am considering trying to secure the admin folder with ssl. My server does offer a tool to password protect different directories (using a popup login/password box like .htaccess) and this is working fine, but i just wanted to know if it was really secure or if i should try and configure the admin folder to be ssl enabled.

 

will i need to worry about hackers stealing my clients' credit card info, or messing up my site? thanks,

 

rockstar

Link to comment
Share on other sites

how good is this .htaccess tool? is it as good as actually securing the admin folder with ssl? I just installed osc on a server and am considering trying to secure the admin folder with ssl. My server does offer a tool to password protect different directories (using a popup login/password box like .htaccess) and this is working fine

Your server's control panel is most likely using .htaccess to perform the password protection. That's fine.

 

In my opinion using ssl on the admin is a waste of time and effort. ssl only protects data in transit and I'd guess that 99% of your admin traffic will be uninteresting to anyone but you.

 

You should not be storing complete credit card info in your database in any case and ssl would not stop a hacker from gaining that info from the db, it would only make it hard to intercept it while you were reading it from the server.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...