zefeena Posted June 17, 2012 Share Posted June 17, 2012 Hi, I am familiar with the cpanel, but my new host does not have that and i'm struggling to get my head around it. I have still to sort out the site, so i don't want to block myself out of it, but i suppose i should secure it before i begin? When i click on protect directories on my hosts panel i get the box below. Do i secure catalog/admin or just catalog, or something completely different!! apattern.co.uk Back Add Protected Directory Domain: apattern.co.uk Path: message: Manage Protected Directories There are currently no protected directories for this domain. Running a botched up version of osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help. Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted June 17, 2012 Share Posted June 17, 2012 rename the directory admin to something else. Change the admin directory name in 2 places in /newadmin dir name/includes/configure.php Then password protect the new admin directory. This is called security through obscurity. HTH G Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
MrPhil Posted June 17, 2012 Share Posted June 17, 2012 This is called security through obscurity. To be fair to a noobie, the renaming of admin/ to somethingElse/ is "security through obscurity". That is, the admin directory no longer has a widely known name -- a hacker might have to do some digging or even social engineering to get the name. The password protection is a further layer of protection, requiring another hoop to jump through (ID and password) to get to the Good Stuff. That's certainly not STO. Link to comment Share on other sites More sharing options...
ctec2001 Posted June 18, 2012 Share Posted June 18, 2012 I would also recommend adding osc_sec and IP Trap for additional protection. Do or Do Not, there is no try. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.