Securing osCommerce stores to prevent being hacked

Posted by admin on September 28, 2009 under oScommerce Security, osCommerce Services

Secure osCommerce by following these steps:

1) Remove admin/file_manager.php
2) Remove admin/define_language.php
3) Make backups of your database and site files. This saves a great deal of time and effort cleaning up should anything nasty happen.
4) Install the following useful contributions:

Prevent any injection attacks with Security Pro http://addons.oscommerce.com/info/5752

Monitor sites for unauthorised changes with SiteMonitor http://addons.oscommerce.com/info/4441

Block illicit access attempts with IP trap http://addons.oscommerce.com/info/5914

htaccess protection http://addons.oscommerce.com/info/6066

Stop Cross Site Scripting attacks with Anti XSS http://addons.oscommerce.com/info/6044

Make sure that all files, except for the two configure.php files, have permissions no higher than 644.

The correct permissions for the two configure.php files vary according to the server your site is on: they could be 644, 444 or 400.

Permissions on folders should be no higher than 755. If your hosting setup demands permissions of 777 on folders, then change host.

You can use the contribution at http://addons.oscommerce.com/info/6134 to assist with permission settings.
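The permission limits above can also be checked from a shell. The script below is an added example, not part of the original post or of the linked contribution; the function name audit_perms and the output tags FILE, CONFIG and DIR are made up for this example.

```shell
#!/bin/sh
# Added example: audit an osCommerce tree against the permission limits above.
# Usage: sh audit.sh /path/to/catalog   (script name and path are placeholders)

audit_perms() {
    root=$1

    # Files other than configure.php: report any permission bit beyond 644,
    # i.e. owner execute, group write/execute or other write/execute.
    find "$root" -type f ! -name configure.php \
        \( -perm -0100 -o -perm -0020 -o -perm -0010 \
           -o -perm -0002 -o -perm -0001 \) -print | sed 's/^/FILE /'

    # configure.php: report any mode other than 644, 444 or 400.
    find "$root" -type f -name configure.php \
        ! -perm 0644 ! -perm 0444 ! -perm 0400 -print | sed 's/^/CONFIG /'

    # Directories: report any bit beyond 755 (group write or other write).
    find "$root" -type d \( -perm -0020 -o -perm -0002 \) -print | sed 's/^/DIR /'
}

# Run the audit when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_perms "$1"
fi
```

An empty result means every file and folder under the given path is within the limits listed above.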

Other steps to be followed

SECURING THE ADMIN:

By re-naming & password protection

FORMS:

Security Pro cleans the query string; however, any forms using $_POST are unaffected. If you have any forms using the post method, you would be advised to do the following on pages accepting $_POST vars.

after:

CODE
require('includes/application_top.php');

add:

CODE
// clean posted vars
foreach ($_POST as $key => $value) {
    if (!is_array($value)) {
        // keep only the whitelisted characters; quotes, commas, brackets etc. are stripped
        $_POST[$key] = preg_replace("/[^ a-zA-Z0-9@%:{}_.-]/i", "", urldecode($value));
    } else {
        unset($_POST[$key]); // no arrays expected
    }
}

Following the above steps makes the store secure.

If you need help in doing all the above we charge a nominal rate of 200 USD.

Please use the contact us form to get in touch with us.

Iframe codes in oscommerce stores

Posted by admin on July 30, 2009 under oScommerce Issues, oScommerce Security, osCommerce Services

There has been a recent increase of attacks on osCommerce websites using old versions.

Hackers exploit a vulnerability that is usually used for uploading product pictures to the /images directory.

PHP files are uploaded in the images directory and executed.

Customer and order details are displayed and also emailed to the hacker's email address.

Sometimes traces are left by the hacker.
PHP files show up in the images directory (though sometimes they’re deleted after being run).
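A check for the traces described above, as an added example that is not part of the original post: it lists files in the images directory that have a PHP extension and, as an assumption that goes beyond the post, files of any name whose content contains a PHP open tag. The function name scan_images and the NAME and TAG output tags are made up for this example.

```shell
#!/bin/sh
# Added example: look for PHP code in an osCommerce images directory.
# Usage: sh scan.sh /path/to/catalog/images   (script name and path are placeholders)

scan_images() {
    dir=$1

    # Files that carry a PHP extension; the images directory should hold none.
    find "$dir" -type f \( -iname '*.php' -o -iname '*.php[3-5]' \
        -o -iname '*.phtml' \) -print | sed 's/^/NAME /'

    # Files of any name whose content contains a PHP open tag
    # (assumption added here; the post itself only mentions PHP files).
    find "$dir" -type f -exec grep -lF '<?php' {} + | sed 's/^/TAG /'
}

# Run the scan when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    scan_images "$1"
fi
```

Since the files are sometimes deleted after being run, an empty result does not show that the store was never affected.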

Generally, the following iframe code is added to every product_description and categories_description

We have a process to clean up the database and clean up the images directory

150 USD


osCommerce Maintenance Plans

Posted by admin on May 17, 2009 under osCommerce Services

Do you want a professional osCommerce expert on call ?

OsComerceCoders.com offers that via tailored osCommerce maintenance plans.

  • Install contributions
  • Create tailored custom coding solutions
  • Offer advice on the structure and function of your osCommerce store
  • Offer advice on Search Engine Optimization and assist you with identifying and implementing Contributions / Strategies for this purpose

All you need to do is decide how many hours per month/quarter you require the assistance of an expert – OsComerceCoders.com can then set-up your personal osCommerce maintenance package.

Tackle the world of online selling and eCommerce with the extensive expertise and knowledge of OsComerceCoders.com by your side.

Our maintenance services include maintaining the existing osCommerce shop as per your requirements and additional features.
If you are looking to maintain your osCommerce shop and customize your osCommerce store on an ongoing basis, this package is perfect for you.

This package includes all urgent repairs, patches as and when required, and general site maintenance as needed by yourself.
We offer a variety of services to suit each and every website, and our monthly hourly allowances accumulate if you don't use them in any given month, to a maximum of 3 months' worth. Please see our comparison chart below for full details.

The service does not include server maintenance; this is a service to maintain and modify the osCommerce software only.
Graphical modifications and site layout amendments are also not included.

We charge 20 USD per hour, with a monthly fee of 100 USD comprising 5 hours of work per month.
The minimum contract is 3 months.

Please use the contact us form to get in touch with us today

one page checkout oscommerce installation service

Posted by admin on under Oscommerce Features, osCommerce Services

We are providing one page checkout module installation to osCommerce stores for a flat fee of 75 USD.

http://addons.oscommerce.com/info/6646

Drastically increase sales and cart conversions with this module.

Please use the contact form to get in touch with us.

osCommerce Database errors

Posted by admin on May 10, 2009 under oScommerce Issues, osCommerce Services

1016 – Can’t open file

The following error message is shown when a database table is corrupt and can no longer be accessed nor read properly:

1016 – Can’t open file ‘<database table name>.MYI’ (errno: 145)

The error message will always be shown until the database table involved has been repaired.

1016 – Can’t open file Solution

The following methods are available to repair damaged database tables, depending on whether the database server is still running or not:

o Using the “repair table” SQL statement
o Using the “myisamchk” command

The <database table name> part in the commands below must be replaced with the actual database table name as shown in the error message.

Using the “repair table” SQL statement

The following SQL statement can be executed when the database server is still running:

repair table <database table name>;

Using the “myisamchk” command

The following command, which is part of the MySQL installation, can be executed on the server when the database server is no longer running:

myisamchk /path/to/database/directory/<database table name>.MYI

1030 – Got error 127 from table handler

This indicates the table mentioned is corrupt.

1030 – Got error 127 from table handler Solution

Try running a repair and optimize on the table in phpMyAdmin.

1046 – No Database Selected

This indicates that either no database has been created or the DB_DATABASE setting in the configure.php files holds the wrong database name.

select configuration_key as cfgKey, configuration_value as cfgValue from configuration

1046 – No Database Selected Solution

Check that the database has been created and that the catalog/includes/configure.php and catalog/admin/includes/configure.php files contain the correct database name.

Warning: mysql_connect(): Access denied for user:

The following error message is shown when either the username or password is incorrect for the database connection:

Warning: mysql_connect(): Access denied for user: ‘username@localhost’ (Using password: YES) in /home/username/public_html/shop/includes/functions/database.php on line 19
Unable to connect to database server!

Warning: mysql_connect(): Access denied for user: Solution

Check with your hosting provider for the username and password required to access the MySQL database, and/or check the catalog/includes/configure.php and catalog/admin/includes/configure.php files for incorrect information.

Warning: mysql_connect(): Can’t connect to local MySQL server through socket

The error Can’t connect to … normally means that there is no MySQL server running on the system or that you are using an incorrect Unix socket filename or TCP/IP port number when trying to connect to the server.

Warning: mysql_connect(): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (111)
in /var/www/html/store/catalog/includes/functions/database.php on line 19
Unable to connect to database server!

Warning: mysql_connect(): Can’t connect to local MySQL server through socket Solution

The following checks show whether MySQL is running and set up properly.

1. Start by checking whether there is a process named mysqld running on your server host.
Use ps xa | grep mysqld on Unix or the Task Manager on Windows.

2. It might also be that the server is running, but you are trying to connect using a TCP/IP port, named pipe, or Unix socket file different from those on which the server is listening. To find out what port is used, and where the socket is, you can do:
shell> netstat -l | grep mysql

3. The grant tables must be properly set up so that the server can use them for access control.

One way to determine whether you need to initialize the grant tables is to look for a 'mysql' directory under the data directory. (The data directory normally is named 'data' or 'var' and is located under your MySQL installation directory.) Make sure that you have a file named 'user.MYD' in the 'mysql' database directory. If you do not, execute the mysql_install_db script. After running this script and starting the server, test the initial privileges by executing this command:
shell> mysql -u root test

4. Sometimes a simple restart of mysql will fix the problem.

Warning: mysql_connect(): Host ‘******’ is not allowed

This indicates the wrong server DB_SERVER information in the configure.php files.

Warning: mysql_connect(): Host ‘******’ is not allowed to connect to this MySQL server in *:\******\www\*****\******\includes\functions\database.php on line 19
Unable to connect to database server!

Warning: mysql_connect(): Host ‘******’ is not allowed Solution

Check the catalog/includes/configure.php and catalog/admin/includes/configure.php files for incorrect information.

Warning: Too many connections

The following error message is shown when the maximum number of connections to the database server has been reached:

Warning: Too many connections in /path/to/osCommerce/includes/functions/database.php on line 19
Warning: MySQL Connection Failed: Too many connections in /path/to/osCommerce/includes/functions/database.php on line 19.
Unable to connect to database server!

Warning: Too many connections Solution

This problem is common for shared hosting servers and requires correspondence with the server administrator.

This problem is generally not a fault of osCommerce, but can be experienced when osCommerce is installed on budget hosting servers.

Reset osCommerce admin password

Posted by admin on under osCommerce Services

http://addons.oscommerce.com/info/5857

Resets the Admin password for versions oscommerce-2.2rc2a and up where the Admin was password protected during setup. Will not reset an Admin site protected with .htaccess protection.

If you need support in resetting the osCommerce admin password, you can use the contact us form to get in touch with us.

We charge affordable rates for osCommerce support services.

osCommerce upgrade services – 40 USD

Posted by admin on April 4, 2009 under oScommerce Upgrade, osCommerce Services

For a flat fee of 40 USD, we are providing osCommerce upgrade services to work with MySQL 5 and PHP 5 issues. This upgrade includes only the base package of osCommerce and does not include upgrading contributions or custom programming with the existing osCommerce store.

Please use the contact us link to get in touch with us.

oscommerce installation

Posted by admin on January 2, 2009 under osCommerce Services

OscommerceCoders.com offers installation of osCommerce open source shopping cart software for only US $75.

This includes:

  • As-is installation of osCommerce Online Merchant v2.2 RC 2a
  • Customization of colors to suit your preference
  • Customization of header and footer with your logo and text
  • Configuring the shipping and payment options present in the store.

This does not include any addition, installation or customization of payment / shipping modules not present in the default install.

Installation of osCommerce contributions starts from 30 USD depending on the complexity involved.

Please use the contact form to get in touch with us.