ErikMM Posted November 10, 2010 Share Posted November 10, 2010 I am having issues with all the security add ons: 1. Security Pro-- all the steps went well, but this one: "Go into admin>configuration>FWR Security Pro and turn it on .. (set to true)." I see nothing in admin/cinfiguration 2. Site Monitor-- Step 5: Go to admin->Sitemonitor->Configure, setup the various settings and click Update. It says: "enter any hacker code that you would like to check for" Is it asking me to generate hacker code? Step 6: Go to admin->Sitemonitor->Admin and click the top button. I see no buttons in code, and if I try to open with a browser I get a long error message. 3. IP Trap: the insatll doc says "UPdate to the personal / index.php" Is this the 'home page' index.php, the catalog/index.php, or the admin/index.php? 4. Anti XSS: There is no data or download, the file is empty...0 kb. a-how-to-road-map 2.3.x road-map-for-the-newbies design basics how to make a horrible osC site ssl-how to updated-security-thread Web Developer, Firebug, and Notepad++ are powerful free tools for web design. Link to comment Share on other sites More sharing options...
ErikMM Posted November 10, 2010 Author Share Posted November 10, 2010 I am having issues with all the security add ons: 1. Security Pro-- all the steps went well, but this one: "Go into admin>configuration>FWR Security Pro and turn it on .. (set to true)." I see nothing in admin/cinfiguration 2. Site Monitor-- Step 5: Go to admin->Sitemonitor->Configure, setup the various settings and click Update. It says: "enter any hacker code that you would like to check for" Is it asking me to generate hacker code? Step 6: Go to admin->Sitemonitor->Admin and click the top button. I see no buttons in code, and if I try to open with a browser I get a long error message. 3. IP Trap: the insatll doc says "UPdate to the personal / index.php" Is this the 'home page' index.php, the catalog/index.php, or the admin/index.php? 4. Anti XSS: There is no data or download, the file is empty...0 kb. 5. I don't see this: admin/includes/application_top.php Line 146-151 Change: $redirect = true; } if ($redirect == true) { tep_redirect(tep_href_link(FILENAME_LOGIN)); } To: $redirect = true; } if (!isset($login_request) || isset($HTTP_GET_VARS['login_request']) || isset($HTTP_POST_VARS['login_request']) || isset($HTTP_COOKIE_VARS['login_request']) || isset($HTTP_SESSION_VARS['login_request']) || isset($HTTP_POST_FILES['login_request']) || isset($HTTP_SERVER_VARS['login_request'])) { $redirect = true; } if ($redirect == true) { tep_redirect(tep_href_link(FILENAME_LOGIN)); 6. I also don't have admin/login.php a-how-to-road-map 2.3.x road-map-for-the-newbies design basics how to make a horrible osC site ssl-how to updated-security-thread Web Developer, Firebug, and Notepad++ are powerful free tools for web design. Link to comment Share on other sites More sharing options...
Guest Posted November 10, 2010 Share Posted November 10, 2010 Erik, It could be that you are using an OLD version of osCommerce and you need to update it to the latest stable release. Chris Link to comment Share on other sites More sharing options...
ErikMM Posted November 12, 2010 Author Share Posted November 12, 2010 Thanks. I am using 2.2. a-how-to-road-map 2.3.x road-map-for-the-newbies design basics how to make a horrible osC site ssl-how to updated-security-thread Web Developer, Firebug, and Notepad++ are powerful free tools for web design. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.