Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

which permission has to be set for the file .htaccess


Deniz.kamuran

Recommended Posts

Someone please help me. I am just starting out and I got the below message on the Admin page.

 

Additional Protection With htaccess/htpasswd

This osCommerce Online Merchant Administration Tool installation is not additionally secured through htaccess/htpasswd means.

The following files need to be writable by the web server to enable the htaccess/htpasswd security layer:

 

 

When I tried to fix it through my website provide they said that I need to contact OsCommerec service provider and confirm which permission has to be set for the file .htaccess .

Link to comment
Share on other sites

Are you sure the complaint is about .htaccess? Is it actually complaining about other files, such as .htpasswd, instead of (or in addition to) .htaccess? Is it complaining that it can't write to that directory?

Link to comment
Share on other sites

Yes.

The following files need to be writable by the web server to enable the htaccess/htpasswd security layer:

Then it lists .htaccess and .htpasswd_oscommerce.

 

But, I have already deleted .htpasswd_oscommerce and set the .htaccess to 666.

Link to comment
Share on other sites

666 is not always writable! Your host may be using security software such as suPHP, which blocks access to a 666 file or 777 directory (both "world writable"). Start with 644 for a file, then try 664, and as a last resort, 666. osC is looking for the ability for PHP to write to the file, so 644 won't be adequate if PHP isn't running as "owner".

 

Are you sure you're looking in the right place(s)? Maybe it's a different set of .ht* files it's complaining about? This would be in the /catalog/<admin whatever you changed it to>/ directory, not the site root / or osC root /catalog/, if that's where you're looking.

Link to comment
Share on other sites

  • 2 weeks later...

I am having the exact same problem. When I first log into the Admin side, I get a message that says, This is a properly configured installation of osCommerce Online Merchant!

 

But when I went in to add a user, I got the same messages regarding the .htaccess files. Again, in a previous screen I was told to delete the .htaccess_oscommerce file which I did yet now it says to change the permissions?

 

The .htaccess file is in an admin file that I was also asked to rename during configuration. The path is: [domain name]/catalog/[folder name].htaccess.

 

The other thing is that there is a red button under "Secured by htpasswd" so it seems that this is definitely a problem?

 

Would love to get this sorted before I start doing the shop design.

Link to comment
Share on other sites

  • 2 months later...

not sure if i have the same problem you are talking about here. when i choose to protect a user with htaccess i get this error:

Not Acceptable

 

An appropriate representation of the requested resource /admin/administrators.php could not be found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

 

- in addition, if i create a user without a htaccess protection, the user / pass is invalid and can't not login.

- i tried to change permissions to 666, 644, 664, 777 with no success.

- i tried to open the htpasswd_oscommerce and add manually the user with an Apache generated password, it worked fine. but even though i need to find a solution do it from the admin page.

 

working on a OSC 2.3.1

PHP version: 5.2.17

Link to comment
Share on other sites

  • 5 months later...

Not acceptable sounds like a 406 error. Usually there's some inconsistency with language codes sent by the browser and what's acceptable to the host. I would talk with your hosting tech support about that.

 

I cant even find this file

.htaccess files may be "hidden" by default. Look over your hosting control panel (File Manager) very carefully to see if there is an option to "unhide" hidden files. Ask your hosting tech support if you can find no such thing. /.htaccess should exist on every Apache ("Linux") server, but may be empty. Lower level directories (below root / ) usually don't have one unless you put it there manually.

 

Note that if you're on a Windows server with IIS, there is no .htaccess file. They use other methods for doing similar functions, which I'm not familiar enough with to discuss.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...