Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Securiy problem with .htaccess in admin

ogwinilo

By ogwinilo
in General Support

Recommended Posts

ogwinilo

ogwinilo

Posted
Posted

I have already changed the name of the admin folder & made the relevant corresponding changes and everything worked well. After installing .htaccess in admin, I now cant access my admin, the following message is displayed at the top of my logon page:

 

"error: Invalid administrator login attempt"

 

I have come across a similar question in the threads but there was no discernable answer to it. Please help me get through this?

 

Felix

Link to comment
Share on other sites
mdtaylorlrim

♥mdtaylorlrim

Posted
Posted

I have already changed the name of the admin folder & made the relevant corresponding changes and everything worked well. After installing .htaccess in admin, I now cant access my admin, the following message is displayed at the top of my logon page:

 

"error: Invalid administrator login attempt"

 

I have come across a similar question in the threads but there was no discernable answer to it. Please help me get through this?

 

Felix

You realize that the username and password is NOT the same as your osC administrator username and password, right? The .htaccess file has a path to a file that contains the valid username and an encrypted password that will work. What instructions did you follow to install the htaccess file? Your hosting company cPanel or one in a contribution?

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Link to comment
Share on other sites
ogwinilo

ogwinilo

Posted
  • Author
Posted

You realize that the username and password is NOT the same as your osC administrator username and password, right? The .htaccess file has a path to a file that contains the valid username and an encrypted password that will work. What instructions did you follow to install the htaccess file? Your hosting company cPanel or one in a contribution?

 

Hi Mark

 

I followed the contribution's instructions. But before installing the .htaccess contribution, I had used cPanel's Password Protect Directories to protect the admin folder. I wonder if this was an unnecessary duplication and a source of my problem.

 

Thanks again in advance for your time

Link to comment
Share on other sites
ogwinilo

ogwinilo

Posted
  • Author
Posted

Hi Mark

 

I followed the contribution's instructions. But before installing the .htaccess contribution, I had used cPanel's Password Protect Directories to protect the admin folder. I wonder if this was an unnecessary duplication and a source of my problem.

 

Thanks again in advance for your time

 

Hi again Mark

 

I have sorted it out. I reverted back to protecting it via the Password Protect Directories and now able to log in.

 

Thanks

Link to comment
Share on other sites
mdtaylorlrim

♥mdtaylorlrim

Posted
Posted

Hi again Mark

 

I have sorted it out. I reverted back to protecting it via the Password Protect Directories and now able to log in.

 

Thanks

That's exactly what Passwword Protect Directories does...it adds .htaccess files to your directories. I hate it that the M$ world is spilling over into the world of linux...

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Link to comment
Share on other sites
  • 1 year later...
mylittlereddress

mylittlereddress

Posted
Posted

That's exactly what Passwword Protect Directories does...it adds .htaccess files to your directories. I hate it that the M$ world is spilling over into the world of linux...

 

I have just found this thread. Does the above mean that if you have password protect put onto the admin folder using the one supplied by my host, I do not need to add .htaccess using http://addons.oscommerce.com as specifed in the How to secure your osCommerce 2.2 site thread?

 

Thanks

Link to comment
Share on other sites
FIMBLE

FIMBLE

Posted
Posted

Hi Ali

 

So long as you have htaccess protection it is not important how you got it there, either with the add on or with the Cpanel.

Only differences are that you can easily alter the osC one, additionally, it is a dual log in.

So long as the passwords and usernames are the same for the admin then when you log in with osC htaccess in admin it will log you past the normal osC page too.

With the Cpanel method you will need ot log in twice.

Nic

 

 

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites
  • 2 weeks later...
Krock

Krock

Posted
Posted

Hi Ali

 

So long as you have htaccess protection it is not important how you got it there, either with the add on or with the Cpanel.

Only differences are that you can easily alter the osC one, additionally, it is a dual log in.

So long as the passwords and usernames are the same for the admin then when you log in with osC htaccess in admin it will log you past the normal osC page too.

With the Cpanel method you will need ot log in twice.

Nic

 

 

When I try the method : With the Cpanel method you will need to log in twice , for the CPanel lets say Username ad Pasword vil , then admin Username pet , password dog , it doesnot work .

 

It only works if I use the same Paswords that I use for the admin in the Cpanel Username/password !

 

Is that correct or do I someting wrong ?,

 

Hope to read/receive a reply,

 

Ty

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...