View Full Version : Admin Security/Login

07-28-2007, 02:09 PM
I just installed osCommerce and looked around a bit. One thing that concerns me (and I may just have overlooked the setting) is that I do not see where to force login credentials to access the admin panel. It seems to me that anyone knowing osCommerce is running, and knows the path to the admin portion, could go in and change everything.

Is there something I am overlooking, or is it really that open to outsiders?


07-28-2007, 03:58 PM
I believe that Westhost's installation relies on .htaccess control

This blog (http://www.phpworks.co.uk/blog/index.php?title=dealing_with_forgotten_oscommerce_ admin_&more=1&c=1&tb=1&pb=1) describes two methods used for protecting your data (.htaccess or session based). You could try Cre Loaded (http://creloaded.com/) if you want. You only have to pay if you want their help ;)

09-15-2007, 02:44 PM
Dear Mike,

If you haven't already gotten this fixed, please submit a ticket with your domain and verification of the Site Manager password at:


I apologize for the trouble.