Make your opencart cart site secure, why to worry if with simple step you can stop ecommerce hacking
- Delete the install directory when ever the installation is complete. Renaming of the folder works as usual but there remains the security hole so you have to delete the install directory completely.
- For good measure, you should set the following files to 444 or 644
- Change the name of the admin folder and name it different and keep name like “nxtmin193″, something strange so that the hacking software and people cannot find it out.
Then change the word “admin” in admin\config.php file and replace “admin” with “new_name”
- Contrary to claims in another topics, always use a .htpasswd / .htaccess “admin” (mostly done via your CPanel or Flexpanel)
Its unlikely that a hacker knows how to find your admin with the new name, and if found the .htpasswd stops him at a very high level.
Download the zip in the above link and upload it to your server this will save a lot of hijacking. The folder contains the .htaccess files which will not allow direct access to your files and images.
- If you are using extra code then be careful on the use of _POST and _GET as they allow injection of hostile code.
- Escape all code with either type casting or $this->db->escape().
Other will be update on this as things are found
securing you opencart, make your opencart cart site more secure, security issues to be taken consideration for opencart, programming technique to make the opencart site secure,