chrometweaks.org

Need a good web iPage hosting service that is less than 4/month?

Click Here To View All Answers...


First of all Need a good web iPage hosting service that is less than 4/month? Thanks in advance for any response. Another question... I've used the advice found in this forum for disabling someone from simply going to /oscommerce/catalog/admin page and just having access to my admin. This, for me was a great leap forward. However; I have no way of assuring that someone knowing to go to oscommerce/catalog/admin/configuration.php does not have access to my admin panel..

I've visited a few sites done with OsCommerce and have asked for help from store /img/avatar5.jpgs and have received no replies. What I am hoping to find is a way to prevent access to this link without a password..

Please don't mis-understand my request by thinking that I am asking how to prevent oscommerce/admin from going straight to my admin page; but that I am actually asking how to prevent someone that knows the correct address from accessing it without a password..

Whew. That was pulling teeth..

Dana. HELLLLLLLLLLLLLLLLLLLLLP!!!..

Comments (137)

That's a good question. I'm not sure what is the answer. I'll do some research and get back to you if I find an useful answer. You should email the people at iPage as they probably could give you help..

Comment #1

I downloaded the "sun" module. or whatever you call it, from John Faller. Instructions were followed to the letter, I'm sure: 1. Cut and paste sql from admin.sql file into phpmyadmin or in similar fashion..

2. Copy application_top.php and header.php into \catalog\admin\includes folder.

3. Copy adminLogin.php, adminProcesslogin.php and adminLogout.php into \catalog\admin\.

This allowed me to assure that people who visited mysite/com/oscommerce/admin had to login. But it does not assure that no one can access my admin panel by typing in mysite.com/oscommerce/admin/configure.php..

Help me...

Comment #2

Is your webserver Unix (Linux) based, or being hosted on a Windows server?..

Comment #3

I have found that people who have used that have had a problem in understanding how it works. your best bet is to use your host control panel and set your access password there, which in effect blocks the directory from any access, asks for a name and password. it also stores the password outside of the document root, which is another added safety factor...

Comment #4

Well you don't have to store your htpasswd file in the web document root; not all hosts have web control panels either. I'm using my own server so I don't have one..

If the webserver is running Apache (which is quite common on Unix or Linux servers) and offers no customer control panel, .htaccess files are probably the best way to go...

Comment #5

If you run your own server, then you have access to the root, which most people do not have. the control panel sets up an htaccess file, which the majority of the hosts use..

If you have access to your control panel, there is also a contribution which shows how to setup an htaccess file, just search on htaccess in contribution..

Comment #6

I've used the advice found in this forum for disabling someone from simply going to /oscommerce/catalog/admin page and just having access to my admin. This, for me was a great leap forward. However; I have no way of assuring that someone knowing to go to oscommerce/catalog/admin/configuration.php does not have access to my admin panel..

I've visited a few sites done with OsCommerce and have asked for help from store owners and have received no replies. What I am hoping to find is a way to prevent access to this link without a password..

Please don't mis-understand my request by thinking that I am asking how to prevent oscommerce/admin from going straight to my admin page; but that I am actually asking how to prevent someone that knows the correct address from accessing it without a password..

Whew. That was pulling teeth..

Dana. HELLLLLLLLLLLLLLLLLLLLLP!!!..

Comment #7

What method did you use to prevent access to the /catalog/admin? If you used the .htaccess method, any file or directory (folder) below the admin directory should be protected as well...

Comment #8


This question was taken from a support group/message board and re-posted here so others can learn from it.