FantasyArt Posted January 16, 2013 Share Posted January 16, 2013 I am having problems securing my admin side of the site. I had recently had it all secured with the .htaccess/.htpasswd_oscommerce setup. It was fine until I got an SSL Certificate installed by my Host which then gave us more problems then benefits so we oped to remove it for awhile. After it was removed the Red bar stating that the .htaccess & .htpasswd_oscommerce had to be written came up again. I have tried to change the permission on the .htaccess & .htpasswd_oscommerce to 777 and followed the information that came up in Red, deleting the section of information on the .htaccess and deleting the .htpasswd_oscommerce file. Once I did this it just goes back to the same Red bar again saying that the files had to be written. I have attached a screen shot of the Red Bar that I am referring to, hopefully this will help with solving the problem. Before someone states that I shouldn't have removed the SSL Certificate, I know this and am going to place it back onto the site once this issue is resolved and find how to set it up on specific pages instead of the whole site. Would appreciate all the help I can receive on this topic. Link to comment Share on other sites More sharing options...
Guest Posted January 17, 2013 Share Posted January 17, 2013 @@FantasyArt Change the file permissions to 644 so osCommerce can write the changes to them. Currently, they are not writable so osCommerce can't secure the admin side. Chris Link to comment Share on other sites More sharing options...
FantasyArt Posted January 17, 2013 Author Share Posted January 17, 2013 Have done what you suggested and still goes back to what it said before, e.g. Attached thumbnail. Don't know what to do. Link to comment Share on other sites More sharing options...
Guest Posted January 17, 2013 Share Posted January 17, 2013 @@FantasyArt That should have worked. I suggest using your cpanel file manager to set .htaccess protection if you can't get osCommerce .htaccess protection working. Chris Link to comment Share on other sites More sharing options...
FantasyArt Posted January 17, 2013 Author Share Posted January 17, 2013 I am changing the permission through the cpanel file manager through our host. Is this what you are referring to? Link to comment Share on other sites More sharing options...
Guest Posted January 17, 2013 Share Posted January 17, 2013 @@FantasyArt Sure, you can use the file manager to change permissions but you can also set directory protection from the file manager, instead of using the osCommerce .htaccess protection. Chris Link to comment Share on other sites More sharing options...
FantasyArt Posted January 17, 2013 Author Share Posted January 17, 2013 Ok not sure how I would do that, could you please refer me to instructions somewhere or tell me how to do it? Sorry am a novice at all this, have been using it since November last year so and only know the basics... Don't even know how to merge the files. Link to comment Share on other sites More sharing options...
Praful Kamble Posted January 17, 2013 Share Posted January 17, 2013 @@FantasyArt Add below code to your .htaccess file of admin: AuthType Basic AuthName "restricted area" AuthUserFile /home5/fantata1/public_html/.htpasswd require valid-user Then create a .htpasswd and place it at root level (/public_html) write your user name and encrypted password in belwo format (username and password seperated by :): username:encrypted password Note: Delete/rename the existing htaccess file in admin and htpasswd_oscommerce file. This code is having your real root path, taken from screenshot you have attached above. Thanks!! Praful Like post..hit LIKE button. osCommerce | Joomla | WordPress | Magento | SEO | CakePHP | CI Guaranteed Website Speed Optimization!! Link to comment Share on other sites More sharing options...
FantasyArt Posted January 17, 2013 Author Share Posted January 17, 2013 Tried what you stated here @@Praful Kamble but still getting the same as the screenshot. This is the .htaccess file below. Maybe this will help sort out all this stuff. # $Id$ # # This is used with Apache WebServers # # For this to work, you must include the parameter 'Options' to # the AllowOverride configuration # # Example: # # <Directory "/usr/local/apache/htdocs"> # AllowOverride Options # </Directory> # # 'All' with also work. (This configuration is in the # apache/conf/httpd.conf file) # The following makes adjustments to the SSL protocol for Internet # Explorer browsers #<IfModule mod_setenvif.c> # <IfDefine SSL> # SetEnvIf User-Agent ".*MSIE.*" \ # nokeepalive ssl-unclean-shutdown \ # downgrade-1.0 force-response-1.0 # </IfDefine> #</IfModule> # If Search Engine Friendly URLs do not work, try enabling the # following Apache configuration parameter # AcceptPathInfo On # Fix certain PHP values # (commented out by default to prevent errors occuring on certain # servers) # php_value session.use_trans_sid 0 # php_value register_globals 1 AuthType Basic AuthName "restricted area" AuthUserFile /home5/fantata1/public_html/.htpasswd require valid-user AuthUserFile "/home5/fantata1/.htpasswds/public_html/store/admin/passwd" Still getting the error in the screenshot in the first post. Link to comment Share on other sites More sharing options...
Praful Kamble Posted January 17, 2013 Share Posted January 17, 2013 @@FantasyArt Is this .htaccess is from admin side? Create an .htaccess file and put the below code AuthType Basic AuthName "restricted area" AuthUserFile /home5/fantata1/public_html/.htpasswd require valid-user and place .htpasswd file at root level (/public_html) Like post..hit LIKE button. osCommerce | Joomla | WordPress | Magento | SEO | CakePHP | CI Guaranteed Website Speed Optimization!! Link to comment Share on other sites More sharing options...
FantasyArt Posted January 18, 2013 Author Share Posted January 18, 2013 Hope this doesn't come across ad dumb as it sounds to me but is that all the code I put into the .htaccess file and do I place it in the same position as the other one that the post earlier was referring to? @@Praful Kamble If you look at the screenshot you will see the location of the .htaccess file. The above text is what is located in that .htaccess file. Unsure whether to place the .htaccess and .htpasswd_oscommerce in the root level as mentioned above and to whether I call it .htpasswd or .htpasswd_oscommerce? Link to comment Share on other sites More sharing options...
Praful Kamble Posted January 18, 2013 Share Posted January 18, 2013 @@FantasyArt Rename .htpasswd_oscommerce files. .htaccess: place it in admin folder .htpasswd: place it at root level. Like post..hit LIKE button. osCommerce | Joomla | WordPress | Magento | SEO | CakePHP | CI Guaranteed Website Speed Optimization!! Link to comment Share on other sites More sharing options...
FantasyArt Posted January 21, 2013 Author Share Posted January 21, 2013 Still having an issue with this... it either comes up with a 500 Server Error or sends me round and round all the time. Have set everything back to the way it was so I can at least login to the admin side of the site. Any help would be great at this time as its starting to drive me nuts. Link to comment Share on other sites More sharing options...
enagyzer Posted February 5, 2013 Share Posted February 5, 2013 @@FantasyArt I had a similar issue that just drove me nuts. What I did was use some of the advice above and created a .htpasswd_oscommerce file under admin and put in username:encrypted password Link to comment Share on other sites More sharing options...
Praful Kamble Posted February 8, 2013 Share Posted February 8, 2013 @@enagyzer paste the htaccess rule here. Like post..hit LIKE button. osCommerce | Joomla | WordPress | Magento | SEO | CakePHP | CI Guaranteed Website Speed Optimization!! Link to comment Share on other sites More sharing options...
enagyzer Posted February 10, 2013 Share Posted February 10, 2013 @@Praful Kamble ##### OSCOMMERCE ADMIN PROTECTION - BEGIN ##### AuthType Basic AuthName "osCommerce Online Merchant Administration Tool" AuthUserFile /home4/xxxxxx/public_html/myoscommercefolder/admin/.htpasswd_oscommerce Require valid-user ##### OSCOMMERCE ADMIN PROTECTION - END ##### Link to comment Share on other sites More sharing options...
Praful Kamble Posted February 11, 2013 Share Posted February 11, 2013 @@enagyzer Please go through the above conversation. Like post..hit LIKE button. osCommerce | Joomla | WordPress | Magento | SEO | CakePHP | CI Guaranteed Website Speed Optimization!! Link to comment Share on other sites More sharing options...
enagyzer Posted February 11, 2013 Share Posted February 11, 2013 This is in response to the issue: .htaccess/.htpasswd_oscommerce To keep it simple, all I did was to create .htpasswd_oscommerce with the code: username:encrypted password I then, uploaded it to catalog/admin The .htaccess rule above is generated automatically in the .htaccess so no need to paste it in there Link to comment Share on other sites More sharing options...
FantasyArt Posted February 15, 2013 Author Share Posted February 15, 2013 @@enagyzer and @@Praful Kamble when you say to place username:encrypted password do I put in the username I use to log into the site followed by the password I use to log into the site? Or do I just put username:encrypted password Thanks for the help. Link to comment Share on other sites More sharing options...
enagyzer Posted February 16, 2013 Share Posted February 16, 2013 dont put your username. Just put the text : username:encrypted password Link to comment Share on other sites More sharing options...
diaza Posted July 13, 2013 Share Posted July 13, 2013 Hi @@FantasyArt Where you able to fix the problem? I'm having the same issue! I tried all different ways suggested on this post and didn't work for me. What finally worked for you? Best regards Link to comment Share on other sites More sharing options...
FantasyArt Posted July 13, 2013 Author Share Posted July 13, 2013 Hi @@diaza Unfortunately I was unable to get this working with all the information that the others have provided, to this day it is still an issue with our site. If you find a solution I would be very happy to hear what you did to fix it please. Best of luck and hope you are able to solve it. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.