More new goodies in RC3 osCommerce

Looking at the up-to-date version of RC3, and I spy more new things;

Ability to change the admin directory name as part of the installation procedure:

We’ve all seen the recent eval problem that has been doing the rounds. Changing the admin directory to a completely random name is a great way to help guard against this. Would be nice to have a “make random name” button here. I might code that up later.

Admin access attempts are now part of the new Action Recorder feature:

and

I previously blogged about the Action Recorder here. You can see that we can now set the number of access attempts and number of minutes between login attempts.

Warning about configure file being writable is now also in the Admin Area:

This should help to make users more aware of what they need to do “next”!!

File manager has now gone:

We all know that the File Manager was a risk, not only because of the recent round of hacks but also because it broke files when saving them. Removing this is a great move.

There’s more stuff, which I’ll blog about again later.

One Reply to “More new goodies in RC3 osCommerce”

  1. To have the admin name change in the install procedure, open up the following file;

    /install/templates/pages/install_3.php

    Add this at the top of the page underneath the

Leave a Reply

Your email address will not be published. Required fields are marked *