Protect With htaccess/htpasswd

[maomdq]

Hi,

 

ref the issue posted http://www.oscommerce.com/forums/topic/367298-additional-protection-with-htaccesshtpasswd/ .

 

i get similar issue.

 

 

i upgraded my osc to v 2.3.4 but i can not get the option to check,

 

by the way,my osc always shows those warming message at admin area,

 

i try to re-upload the new files of v 2.3.4 to my osc site,

 

/catalog/admin/includes/languages/mylanguage/administrators.php

/catalog/admin/administrators.php

 

 

but i still can not find the option to check,

 

is it possible any reason make it ?

 

 

thank you.

[MrPhil]

If your hosting service's control panel offers "password protect directory", use that instead of what osC provided. It's much more likely to work correctly for you. Only if your host doesn't offer such a service or setting, should you attempt to manually set it up. Even then, systems vary, so only use what osC provides as a guideline, and be prepared to do some trial and error experimentation.

[maomdq]

If your hosting service's control panel offers "password protect directory", use that instead of what osC provided. It's much more likely to work correctly for you. Only if your host doesn't offer such a service or setting, should you attempt to manually set it up. Even then, systems vary, so only use what osC provides as a guideline, and be prepared to do some trial and error experimentation.

 

Hi,

 

i can set it from my cpanel,but osc admin area will shows with the warming and i hope to let the warming off.

 

 

thank you.

[Hotclutch]

Go to Admin - configuration - Administrators. Then click edit, you will see the option to set a password and to protect with htaccess.

[MrPhil]

Won't that try to modify .htaccess and related files (a second time, in this case)? If someone sets up password protection via their hosting control panel, how can we tell osC to shut up about it? If there isn't a switch to "Relax, I took care of this another way", a code modification may be needed to shut off the warning.

[zefeena]

Is this the same problem i'm having?

I get these messages when I do the 'security checks'.

I'm not sure what i'm supposed to do with them.  But I have done the password protect in the cpanel for my site

 

 

Admin HTTP Authentication admin_http_authentication HTTP Authentication has not been set up for the osCommerce Administration Tool - please set this up in your web server configuration to further protect the Administration Tool from unauthorized access.

 

 

ext/ Directory Listing ext_directory_listing The /ext/directory is publicly accessible and/or browsable - please disable directory listing for this directory in your web server configuration.

[maomdq]

do you see the checkbox on your page ?

[zefeena]

Hi,

I clicked on the preview and it goes to a page where I t tells you what to do, though it looks rather complicated, and i'm a little worried may make my site inaccessible!