Comments on: Hacked osCommerce? Here's some essential reading… http://www.clubosc.com/hacked-oscommerce-essential-reading.html Showcasing osCommerce...the good, the bad and the ugly! Mon, 30 Jan 2012 16:32:29 +0000 hourly 1 http://wordpress.org/?v=3.0.5 By: Mark Y http://www.clubosc.com/hacked-oscommerce-essential-reading.html/comment-page-1#comment-6272 Mark Y Fri, 20 Jan 2012 08:48:45 +0000 http://www.clubosc.com/?p=270#comment-6272 A fix for the security issues in osCommerce versions of the 2.2 range can be found here: http://addons.oscommerce.com/info/8283 A fix for the security issues in osCommerce versions of the 2.2 range can be found here: http://addons.oscommerce.com/info/8283

]]> By: Gary http://www.clubosc.com/hacked-oscommerce-essential-reading.html/comment-page-1#comment-4885 Gary Wed, 19 Jan 2011 15:18:48 +0000 http://www.clubosc.com/?p=270#comment-4885 My opinion only;;; Security Pro - Use the very latest one (r7). Sitemonitor - rubbish coded piece of crap, but somewhat useful. Suggest FWR Filesafe instead. IP Trap - pointless .htaccess Protection - inbuilt one is fine Anti-XSS - pointless as SPr7 takes care of it. So, yes to Security Pro and protecting admin via inbuilt htaccess. Maybe to Site Monitor. No to IP Trap and AntiXSS - based on securing 2.3.1. Would say yes to it all, other than IP trap, for securing 2.2 My opinion only;;;

Security Pro – Use the very latest one (r7).

Sitemonitor – rubbish coded piece of crap, but somewhat useful. Suggest FWR Filesafe instead.

IP Trap – pointless

.htaccess Protection – inbuilt one is fine

Anti-XSS – pointless as SPr7 takes care of it.

So, yes to Security Pro and protecting admin via inbuilt htaccess. Maybe to Site Monitor. No to IP Trap and AntiXSS – based on securing 2.3.1.

Would say yes to it all, other than IP trap, for securing 2.2

]]> By: Java Roasters http://www.clubosc.com/hacked-oscommerce-essential-reading.html/comment-page-1#comment-4884 Java Roasters Wed, 19 Jan 2011 15:02:55 +0000 http://www.clubosc.com/?p=270#comment-4884 These five mods; Step Three: further securing your shop Install the following security mods: Security Pro Sitemonitor IP Trap .htaccess Protection Anti-XSS These five mods;

Step Three: further securing your shop

Install the following security mods:

Security Pro
Sitemonitor
IP Trap
.htaccess Protection
Anti-XSS

]]> By: Gary http://www.clubosc.com/hacked-oscommerce-essential-reading.html/comment-page-1#comment-4882 Gary Wed, 19 Jan 2011 09:59:21 +0000 http://www.clubosc.com/?p=270#comment-4882 "Would you recommend the 5 security mods for all versions of osC shops including the 2.3 series?" What 5 security mods are you talking of? The chosen few might be ones that I never use anyway lol Let me know and I'll advise what I use. "Would you recommend the 5 security mods for all versions of osC shops including the 2.3 series?"

What 5 security mods are you talking of? The chosen few might be ones that I never use anyway lol Let me know and I'll advise what I use.

]]> By: Java Roasters http://www.clubosc.com/hacked-oscommerce-essential-reading.html/comment-page-1#comment-4881 Java Roasters Wed, 19 Jan 2011 03:05:10 +0000 http://www.clubosc.com/?p=270#comment-4881 @Xpajun Don't put your new admin name in your main robots.txt file but create a new one in your admin folder and place the following lines in it; User-agent: * Disallow: / It can be found in this contribution http://addons.oscommerce.com/info/2162 @Gary Would you recommend the 5 security mods for all versions of osC shops including the 2.3 series? @Xpajun

Don't put your new admin name in your main robots.txt file but create a new one in your admin folder and place the following lines in it;

User-agent: *
Disallow: /

It can be found in this contribution http://addons.oscommerce.com/info/2162

@Gary Would you recommend the 5 security mods for all versions of osC shops including the 2.3 series?

]]>