Filed under:

How Can I Secure OSCommerce?

1) Make backups of your database and site files.

2) Update to latest version.  Please note that OSCommerce 3.x is not  the latest version and will not work with Shared Hosting.

3) Remove all unused plugins and 3rd party addons.

4) Remove admin/file_manager.php.

5) Remove admin/define_language.php.

6) Make sure that all files, except for the two configure.php files have permissions no higher than 644.
The permissions for the two configure.php files will vary according to the server your site is on – it could be 644, 444 or 400 which is correct.

7) Permissions on folders should be no higher than 755.
You can use your FTP program to update permission settings.

8) Install and setup the following
# Prevent any injection attacks with Security Pro
# Monitor sites for unauthorised changes with SiteMonitor
# Block elicit access attempts with IP trap
# htaccess protection
# Stop Cross Site Scripting attacks with Anti XSS

9) Review other security advice, for example

Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
article icon Cron Cheat Sheet (Views: 2433)