Latest News: (loading..)
2 pointsEh? You're talking about the same thing! Anyway, there are up to four layers of protection to keep bad guys out of your shop administration: Using SSL so they can't "snoop" on the admin traffic. The whole site should be under SSL (https) these days, so that's a moot point. Administrator ID and password -- not easily guessable, right? Unguessable admin directory name. The first thing every hacker tries is to get into your <domain>/admin area, so changing admin to something weird is good. Server "password protection" on admin and everything under it. This means having to "log in" a second time to get in. Of course, the ID and password you use is different from the Administrator ID and password, right? Number 4 is the issue at hand. You are much better off using your control panel's "password protect a directory" function than trying to install the files supplied with osCommerce. The former is guaranteed to work and is easy to install, while the latter is iffy and difficult to install. The only downside to using your control panel function is that osC's security check may not recognize that you did it, and report that there is no password protection, when there is. If you have to give two separate logins to get to your admin functions, it's working. Many sites choose not to do #4. It's less secure, but that's up to your comfort level.
1 pointPaul given your replies to those who were trying to help you I'm not surprised that you are not getting any further help. Remember that those who were replying to your posts are volunteers giving freely of their time and knowledge, just trying to help out. They should be treated with gratitude and respect. At this point you might want to try to make a fresh start. It's probably not to late. Dan