videosilva Posted March 23, 2018 Share Posted March 23, 2018 Additional Protection With htaccess/htpasswd This osCommerce Online Merchant Administration Tool installation is not additionally secured through htaccess/htpasswd means. The following files need to be writable by the web server to enable the htaccess/htpasswd security layer: /.htaccess /.htpasswd_oscommerce Reload this page to confirm if the correct file permissions have been set. Any help would be greatly appreciated. Link to comment Share on other sites More sharing options...
Jack_mcs Posted March 23, 2018 Share Posted March 23, 2018 You'll need to actually ask a question to get help. But, before you do, I don't suggest using that option. Instead, use the password protect option in your control panel, if it exists. The reason is because the above method will use the same login as the other one for admin. By using the control panel login, you can change the username and password to something else, making it more secure. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
videosilva Posted March 23, 2018 Author Share Posted March 23, 2018 Was that not a question ? Ok, to make it basic How do I make /.htaccess /.htpasswd_oscommerce to be writable by the web server to enable the htaccess/htpasswd security layer. Every website that I ever gone to were someone has THOUSANDS of posts it is ALWAYS the same problem. It is IMPOSSIBLE to accumulate that many posts anywhere no matter how committed you are with ANY EDUCATED INFORMATION ! Now that I look that again. Someone with 28,000 posts would have seen message stated above posted hundreds of times and AUTOMATICALLY had an answer. Example: 1. I have found the answer to the message displayed in the control Panel. 2. Now that I know the answer I can now relay to others. OR Waste of time comments and I could have 28,000 posts ( WILL NEVER HAPPEN IN MY LIFETIME ANYWHERE ). How is a person able to accumulate 28,000 posts ?????????? Link to comment Share on other sites More sharing options...
videosilva Posted March 23, 2018 Author Share Posted March 23, 2018 21 minutes ago, videosilva said: Before you post MORE questions then answers I will try to anticipate your next QUESTIONS. 1. Is it sunny outdoors 2. It is not sunny indoors. 3. Why ? 4. Because the curtains are closed 1.It is cold outside. 2 It is not cold inside the house. 3. Why ? 4. Because we have a heater. Now that we have that down. What is your NEXT question ? For future reference do NOT ever answer a question with another question resulting in 28,000. Link to comment Share on other sites More sharing options...
ArtcoInc Posted March 23, 2018 Share Posted March 23, 2018 @videosilva IF your question is, "How do I set the file permissions for these files to be writable by the Web Server?", then you should be able to set the permission through the cPanel on your host. Otherwise, some FTP clients (such as FileZilla) allow you to change file permissions. If you do not have access to the host (either through cPanel or a FTP client), then you will have to ask someone (your client or their host) for access, or for them to change the permissions for you. If that is NOT your question, please ask it again ... Link to comment Share on other sites More sharing options...
MrPhil Posted March 23, 2018 Share Posted March 23, 2018 Let's not get snippy. As Jack said, you're much better off using your hosting control panel's "password protect a directory" function, rather than trying to set it up using osC files. The only downside is that the osC security center may not recognize that you've done this, and report that your admin is unprotected. If you have to type in an ID and password to get into your admin, it is working. I wish that TPTB would simply remove the osC files and instructions for directory protection, and instead advise people to use their hosting control panel's function. If such a thing is not offered on your system, almost certainly what osC supplies will not work! Link to comment Share on other sites More sharing options...
videosilva Posted March 24, 2018 Author Share Posted March 24, 2018 MrPhill it gets very tiresome always the same thing. A question answered with another question. Common sense has to kick in. Thank you MrPhil and Artcolnc for the reply Never thought of using cPanel. I have always set permissions via FTP. What should the permissions be set to ? 777 etc. ? Link to comment Share on other sites More sharing options...
videosilva Posted March 24, 2018 Author Share Posted March 24, 2018 I am getting that notification in the control panel/configuration/Administrators Link to comment Share on other sites More sharing options...
Jack_mcs Posted March 24, 2018 Share Posted March 24, 2018 videosilva Sorry you weren't happy with my answer. But as you see by Malcolm's post, your question was not clear. I've spent time with other posts like this answering what I thought was the question only to have the op reply that that was not what he wanted. I don't think it is unreasonable to ask you to state the question more clearly. But attacking me, anyone, personally for trying to help you will earn you a bad reputation here. I'll try to remember not to reply to any questions you may have in the future so as not to upset you but if you respond that way to others, you may not find the help you need. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
MrPhil Posted March 24, 2018 Share Posted March 24, 2018 Avoid 777 permissions if at all possible. They are "world writable", and enable anyone sharing your server to overwrite your files (i.e., it's very insecure). Always grant the least permissions to do the job. This is usually 755 for directories and 644 for files, although this can vary by server setup. Usually it depends on what kind of user that PHP is running as, and whether PHP needs to write, edit, or create files. If it is running as "you", 755/644 will usually do. If it is running in your "group", files and directories that need to be written to may need to be 775/664. If it is running as "other/world" (ordinary user), you might need 777/666 for specific directories or files. Experiment (starting with the lowest permission numbers), or talk with your host support. Beware of stupid people who tell you first thing off the bat to "chmod everything to 777". They don't know what they're talking about. At best, they're just repeating something that they learned at their daddy's knee, and don't understand what they're saying. Link to comment Share on other sites More sharing options...
videosilva Posted March 24, 2018 Author Share Posted March 24, 2018 55 minutes ago, Jack_mcs said: videosilva Sorry you weren't happy with my answer. But as you see by Malcolm's post, your question was not clear. I've spent time with other posts like this answering what I thought was the question only to have the op reply that that was not what he wanted. I don't think it is unreasonable to ask you to state the question more clearly. But attacking me, anyone, personally for trying to help you will earn you a bad reputation here. I'll try to remember not to reply to any questions you may have in the future so as not to upset you but if you respond that way to others, you may not find the help you need. CONGRATULATIONS !!!! Post 28,752 Link to comment Share on other sites More sharing options...
videosilva Posted March 24, 2018 Author Share Posted March 24, 2018 33 minutes ago, MrPhil said: Avoid 777 permissions if at all possible. They are "world writable", and enable anyone sharing your server to overwrite your files (i.e., it's very insecure). Always grant the least permissions to do the job. This is usually 755 for directories and 644 for files, although this can vary by server setup. Usually it depends on what kind of user that PHP is running as, and whether PHP needs to write, edit, or create files. If it is running as "you", 755/644 will usually do. If it is running in your "group", files and directories that need to be written to may need to be 775/664. If it is running as "other/world" (ordinary user), you might need 777/666 for specific directories or files. Experiment (starting with the lowest permission numbers), or talk with your host support. Beware of stupid people who tell you first thing off the bat to "chmod everything to 777". They don't know what they're talking about. At best, they're just repeating something that they learned at their daddy's knee, and don't understand what they're saying. Oh, that just made my head spin. Link to comment Share on other sites More sharing options...
videosilva Posted March 24, 2018 Author Share Posted March 24, 2018 Ok, just tried the different combinations but STILL getting the message Additional Protection With htaccess/htpasswd This osCommerce Online Merchant Administration Tool installation is not additionally secured through htaccess/htpasswd means. The following files need to be writable by the web server to enable the htaccess/htpasswd security layer: /home/******/public_html/dvd/admen/.htaccess /home/*****/public_html/dvd/admen/.htpasswd_oscommerce Reload this page to confirm if the correct file permissions have been set. On another note I am unable to find /home/*****/public_html/dvd/admen/.htpasswd_oscommerce I changed the valus for /home/******/public_html/dvd/admen/.htaccess with the ones posted above but I keep getting the same message. Link to comment Share on other sites More sharing options...
videosilva Posted March 24, 2018 Author Share Posted March 24, 2018 Ahhhhhhhhhhhhhhhhhhhhhhhhhhhh..................... I was just in the cPanel for the website. There are NO /home/******/public_html/dvd/admen/.htaccess /home/*****/public_html/dvd/admen/.htpasswd_oscommerce That I could see. I was only able to find /home/******/public_html/dvd/admen/.htaccess via FTP. /home/*****/public_html/dvd/admen/.htpasswd_oscommerce Does not show up via FTP. Hope that makes sense. Link to comment Share on other sites More sharing options...
videosilva Posted March 24, 2018 Author Share Posted March 24, 2018 Nobody is able to decipher this one ? I can not be the only one with this problem ? Link to comment Share on other sites More sharing options...
Dan Cole Posted March 24, 2018 Share Posted March 24, 2018 Paul given your replies to those who were trying to help you I'm not surprised that you are not getting any further help. Remember that those who were replying to your posts are volunteers giving freely of their time and knowledge, just trying to help out. They should be treated with gratitude and respect. At this point you might want to try to make a fresh start. It's probably not to late. Dan Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here. Link to comment Share on other sites More sharing options...
mhsuffolk Posted March 24, 2018 Share Posted March 24, 2018 Attempting to explain this in simple terms. Do this and you can safely ignore the warning message in your original post. In your cPanel look for Directory Privacy in the Files section. It may be called "Password protect directories" Click on it and a list of the directories on the server will appear. Click on your admin directory (which incidentally should have been renamed) and then tick the "Password protect this directory" box, create a user name which can be the same as your OSC login name and a different strong password to your OSC admin one The Enter a name etc box is the text that is displayed to anybody attempting to log in. Humorously I have "What are you doing here? Your Cpanel may look different to mine but the principal is the same for all variations. Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions. Link to comment Share on other sites More sharing options...
burt Posted March 24, 2018 Share Posted March 24, 2018 8 hours ago, videosilva said: CONGRATULATIONS !!!! Post 28,752 Let's be a little bit more professional @videosilva - take this as a friendly warning... Remember that every post you make...is public info and it is very easy to track back and find your shop. Displaying a poor attitude here can make potential customers look elsewhere. A number of shopowners, myself included, know this...to their cost. Link to comment Share on other sites More sharing options...
MrPhil Posted March 24, 2018 Share Posted March 24, 2018 10 hours ago, videosilva said: Oh, that just made my head spin. It can be complicated, but it's stuff you need to know to successfully run a site. Usually it's the minimum settings of 755/644, unless PHP needs to write to certain files, in which case you may need to loosen up (higher number) permissions. Don't bother with fooling with the supplied osC files to password protect your admin. Try using your hosting system's built-in function to protect admin. It's much easier to use and is much more likely to do the job properly. If you can't find it, ask your host tech support. No good host fails to offer this. Link to comment Share on other sites More sharing options...
videosilva Posted March 24, 2018 Author Share Posted March 24, 2018 6 hours ago, burt said: Let's be a little bit more professional @videosilva - take this as a friendly warning... Remember that every post you make...is public info and it is very easy to track back and find your shop. Displaying a poor attitude here can make potential customers look elsewhere. A number of shopowners, myself included, know this...to their cost. 12,000 posts. How did you help this post EXACTLY ? Link to comment Share on other sites More sharing options...
videosilva Posted March 24, 2018 Author Share Posted March 24, 2018 8 hours ago, mhsuffolk said: Attempting to explain this in simple terms. Do this and you can safely ignore the warning message in your original post. In your cPanel look for Directory Privacy in the Files section. It may be called "Password protect directories" Click on it and a list of the directories on the server will appear. Click on your admin directory (which incidentally should have been renamed) and then tick the "Password protect this directory" box, create a user name which can be the same as your OSC login name and a different strong password to your OSC admin one The Enter a name etc box is the text that is displayed to anybody attempting to log in. Humorously I have "What are you doing here? Your Cpanel may look different to mine but the principal is the same for all variations. Got it. Thank you for your time and KNOWLEDGE ! Less then 200 posts IMAGINE that. Link to comment Share on other sites More sharing options...
♥John W Posted March 26, 2018 Share Posted March 26, 2018 You're kind of being a smartass. And not the good kind. I'm not really a dog. Link to comment Share on other sites More sharing options...
♥Tsimi Posted March 27, 2018 Share Posted March 27, 2018 28000+ posts and maybe a few hundred bad ones. 12000+ posts and maybe a few hundred bad ones. You -> 14 posts -> more than half are bad. Well done sir you just set a new record. Keep it up and you won't get past 20. Link to comment Share on other sites More sharing options...
Karæthon Posted December 23, 2018 Share Posted December 23, 2018 Hello gentlemen, I am experiencing the same message and I have no clue what the "htaccess/htpasswd security layer” is or how to enable it. I read the post about securing the admin folder and I tried that but it creates ANOTHER login layer that I'd rather not have to repeatedly use... What is this security layer, and how do I enable it? Link to comment Share on other sites More sharing options...
mhsuffolk Posted December 23, 2018 Share Posted December 23, 2018 IMO securing the admin folder is more secure than the htaccess/htpasswd security layer method. The fact that you have to log in twice is a small price to pay. Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.