網路讀文章

http://www.sitefixit.com/scripts/opencart/how-to-secure-your-opencart-website-improve-opencart-security.php

學習學習

Essential Steps To Do After Installation

  1. Immediately delete the /install/ directory
  2. chmod the config.php file in both the root and /admin/ directories to 444

Creating A Proper 404 Error Page

Create a file named 404.html in your store root (this is the base directory of your OpenCart store). You can put anything in the file. This file will be served to anyone who tries to access something inappropriately.

Securing The /admin/ Folder

  1. To obscure the /admin/ folder, rename it to a more uncommon name, such as /hahaha/. Next, edit the file /admin/config.php and replace the folder name admin with hahaha (or whatever name you renamed the folder to). There should be 5 instances of admin that you have to change. E.g. change define(‘HTTP_SERVER’, ‘http://www.yourdomain.com/admin/’); to define(‘HTTP_SERVER’, ‘http://www.plastictravelbottles.com/hahaha/’);
  2. Password protect your admin folder with htpasswd. If you’re on cPanel web hosting, then you can do this easily with the Password Protect Directories feature. This method will require you to login twice, but it’s well worth it.

Securing The /system/ Folder

 

https://isenselabs.com/posts/11-free-time-saving-opencart-21x-admin-modules-for-easy-management-security

免費套件

Views: 8