pete2007 Posted October 23, 2015 Share Posted October 23, 2015 My website uses osc v2.2 rc1 unfortunately I have so many addons installed on the site its impossible to upgrade to the latest version. Just wanted to know which security updates I should install to help keep the site as secure as it can be? Thank you in advance Link to comment Share on other sites More sharing options...
greasemonkey Posted October 23, 2015 Share Posted October 23, 2015 @@pete2007 , nothing is impossible. I know this because I've been there and done that. First from 2.2 to 2.3 and recently from 2.3.4 to the new community bootstrap version. I have more addon and customization than you could shake a stick at.... So to say. That said. Assuming you are using htaccess on your admin and renamed your admin (to something random) you've done most all you can. I only hope you don't store credit card info in your database. Link to comment Share on other sites More sharing options...
MrPhil Posted October 23, 2015 Share Posted October 23, 2015 It's not just security issues. osC 2.2 is incompatible with most current PHP installations (5.4 and maybe 5.3), and needs to be fixed to keep running. Take a long, hard look at what you have for add-ons and custom modifications. Install a test copy of 2.3.4 (and a copy of the database) and see what's already built-in, what's available as add-ons, and what modifications you'll have to make to older add-ons. You may be pleasantly surprised at how little you'll need to do, especially if many of your old add-ons are there for layout issues (now handled mostly with CSS) rather than data and functionality. In the long run, it will be a lot less effort to migrate your data to a fresh 2.3.4 install (and stay fairly current) than to try to keep patching something as ancient as 2.2 RC1. If nothing else, getting up to date will force you to discover and review what add-ons you actually have (you've probably forgotten a few), and whether you still need them. Link to comment Share on other sites More sharing options...
Mort-lemur Posted October 24, 2015 Share Posted October 24, 2015 @@pete2007 Like above - nothing is impossible. I was using 2.2RC2a and updated to 2.3.4 - take a look at my profile for the mods I have installed and working, also take a look at this link for my update adventure: http://www.oscommerce.com/forums/topic/395359-modding-up-a-new-2334-install-documented/ I then used another route to make my site responsive rather than use the BS version. Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members. Link to comment Share on other sites More sharing options...
douglaswalker Posted October 24, 2015 Share Posted October 24, 2015 I whole-heartedly agree with the sentiments here. I went from a 2.2 with lots of mods to bootstrap.It took me a while but was really worth it. Lots of help here and some inexpensive addons sorted me out. Very worth the effort :D Link to comment Share on other sites More sharing options...
Jack_mcs Posted October 25, 2015 Share Posted October 25, 2015 @@pete2007 The best thing to do would be to upgrade as others have mentioned. But in answer to your question, there really aren't any security updates, to speak of, for your version. If you can find the rc2a version, you could upgrade to it and that would add a few. But security updates are never released for oscommerce as full packages so there will be many security holes in your shop that are not fixed by that upgrade. You can run your site through this security tester to see if there are any obvious security holes. And there are security-type addons like http://addons.oscommerce.com/info/4441 and osc sec, and others that will help, though those should be installed no matter which version of oscommerce you use. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.