Search the Community

Yes it is an old site (osCommerce Online Merchant v2.2 RC2a). I am trying to block 10.x.x.x addresses. This is a hosted site so maybe from internal addresses on the hosting system? In the domain root is the htaccess file, with permissions set to 755, which contains the following; <snip> order allow,deny deny from 4.79.204.36 deny from 5.9.54.16 deny from 5.39.85.81 deny from 10.179.0.0/30 deny from 37.187.56.47 <snip> allow from all <snip> But I am still seeing 10.x.x.x entries. I have tried quite a few variants of the "deny from 10.179.0.0/30" line from a simple "10" to what is there now. Am I missing something simple or just being dumb?

I am moving my store to a new server - My NEW SYSTEM operating environment Ubuntu 18.04.2 LTS PHP version: 7.2.19-0ubuntu0.18.04.1 mysql Ver 14.14 Distrib 5.7.27 OSCommerce 2.3.4 Before anyone points out that the OSC bootstrap version is better - I am simply moving the store from one server to another. My question involves the usage of .htaccess to password protect the access to the admin section ASSUME OSC admin username is CharlesDuncan OSC admin password is Duncan2345 WHY is it if those are entered in the .htpasswd file that the OSC login screen is bypassed and the user is placed on the administration screen of OSC? ANY OTHER user name and password combination for .htaccess puts the user on the login screen called by login.php?action=process To verifiy this I went to my existing production server and tested it. The production server operates with older versions of Ubuntu, php, and MySql but the same OSC version. It does the same thing. Obviously I immediately removed the new entry in .htpasswd BUT I was wondering if others have ran into this.