Web Tool Bag  
Home · Articles · Downloads · Discussion Forum · Web Links · News Categories · Synonyms DatabaseJune 27 2017 15:23:20
Navigation
Home
Articles
Downloads
Discussion Forum
Web Links
News Categories
Synonyms Database
Search
Users Online
Guests Online: 2
No Members Online

Registered Members: 856
Unactivated Members: 118
Newest Member: lakim
Forum Threads
Newest Threads
Uncaught Error: _reg...
Module build failed:...
Installation
mochi script questions
Redirect with captch...
Hottest Threads
Installation [12]
Any questions and... [5]
Captcha picture d... [4]
Integrate with Vi... [4]
Mods: Sucess/Than... [4]
 
Latest Articles
PHP Fatal error: Ca...
Mouse pointer disapp...
UBUNTU install via U...
Geany tried to acces...
How to create MySql ...
How to secure your OsCommerce store?

How to secure and make safe your OsCommerce store?

Lots of people ask this all too often, especially after they think they've been hacked, so the answers are all here.

You can prevent any injection attacks with Security Pro http://addons.oscommerce.com/info/5752

You can monitor sites for unauthorised changes with SiteMonitor http://addons.oscommerce.com/info/4441

You can block elicit access attempts with IP trap http://addons.oscommerce.com/info/5914

You can add htaccess protection http://addons.oscommerce.com/info/6066

You can stop Cross Site Scripting attacks with Anti XSS http://addons.oscommerce.com/info/6044

Also make sure that all files, except for the two configure.php files have permissions no higher than 644.

The permissions for the two configure.php files will vary according to the server your site is on - it could be 644, 444 or 400 which is correct.

Permissions on folders should be no higher than 755. If your hosting setup demands permissions of 777 on folders then change hosts.

You can add http://addons.oscommerce.com/info/6134 to assist with permission settings.

Secure Config File - This mod will move the shop/includes/configure.php file to below the public_html folder, a more secure location.

SecureTrading STability - Integrates with the SecureTrading STability payment gateway. Note this is the simple version - not the more advanced STability Server which uses an XML Payment Client.

Secure your site with an IP trap - The contribution works by setting up a trap in a folder that only bad bots, or someone poking around in your site will come across (hackers use the Robots.txt to try and find sensitive file on your server) it then redirects then to a message page that tells them they are blocked, at the same time writing their IP number to file. If they try to return they will only get the blocked message.


Secure Admin Login - Logout - One major security problem that we needed to solve is that anyone can use the backspace button on their browser to get back into secure areas on many web sites after logoff. We have merchants using their shopping carts in their stores where security is important from customers and other employees.

Secureandpay module for osCommerce - finally the secureandpay module for osCommerce is ready

Protect your site via htaccess - This contribution contains scripts that help you protect your site via your htaccess file. I came across it as I was researching a problem and thought it would be very handy for sharing. Some great tools here for your protection.


Posted by admin on December 17 2008 16:50:14 3935 Reads · Print
Ratings
Rating is available to Members only.

Please login or register to vote.

No Ratings have been Posted.
Login
Username

Password



Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.
Member Poll
Which PHP framework do you preffer?

Symfony

Zend

CodeIgniter

PHP on TRAX

eZ Components

Fusebox

PhpOpenbiz

Prado

QPHP

Seagull

You must login to vote.
Shoutbox
You must login to post a message.

Vince
03/10/2011 21:17
Hi, How to remove Register from Login screen? I don't want them to register and have full access! if you leave register then they should not have any rights until the admin assigns them

webtoolz
26/09/2011 11:28
Please describe your problem with more details. Thank you.

bimmer98
22/11/2010 20:31
Help. There was a problem with the request; error regarding feedbackzdr form program

Copyright © 2017 - www.webtoolbag.com