Chapter 7. More Advanced Topics

By and large, you should find that you can now work fairly confidently with your osCommerce application. There are, of course, plenty of new things still to be learned and some of them are actually quite important to the safety and well-being of your site and business. Not everything is quite so critical, and there are a few things you might want to learn in order to make your life easier, or even just to spruce up your site a bit.

Accordingly, this chapter presents a kind of grab bag of different topics, which you will no doubt find a use for in the time to come. Specifically, we will:

  • Begin by taking a fairly in-depth look at securing the admin tool as well as securing payments
  • See how to use a community contribution to provide a new type of report
  • Use a community contribution to properly control the purchasing and delivery of downloadable products
  • Briefly discuss how to make cool button templates for use throughout your site
  • Learn some of the insiders' secrets for Search Engine Optimization

Hopefully, by the end of this chapter you will know enough to make you feel confident about the stability, reliability, and future of your online business. After working with osCommerce for some time you will probably find that you have outgrown the advice given in this text and wish to start creating your own additions by writing PHP add-ons or modifying the source code yourself. If that’s the case, consider looking at the professional version of this book for more information.

For now though, let’s get on with the last few topics before you start retailing for real...

Securing the Administration Tool

Without a doubt, one of the major potential security threats comes from using the administration tool over the Internet. Should someone gain access to this tool on your live site, they could cause untold mischief, and much wailing and gnashing of teeth will ensue. As a result, we are going to enforce the use of a username and password in order to gain access to the admin folder, as well as ensure that the admin folder is only available over a secure server (which uses SSL to encrypt communications).

Note

You might also wish to change the name of the admin folder to something random, which will add a small amount of security in that it may not be immediately obvious to a potential hacker where this web-based tool is housed. If you do so you will need to edit config.php to reflect these changes as none of your file paths should contain the word admin anymore.

Before we do go ahead and secure the admin tool, it is worth considering that forcing communications over HTTPS will slow down whatever interaction we have with the server. It’s a trade‑off; if you don’t think it is necessary to use SSL for communication with your server, then perhaps simply implement password security—but be warned that it is possible to intercept passwords that aren’t transmitted in encrypted form, or over SSL.

Creating Password-Protected Folders

The first thing you should do is check your hosting package to see what facilities it has in place in order to password protect your files. More than likely you will simply be given something like a Web Protect option:

[Figure: the Web Protect option in the hosting control panel]

In this case, after selecting this option, the following page is presented:

[Figure: the Web Protect page for the selected folder]

As you can see, all that is required is to check the box at the top left, and add as many new users as you wish to have access to that folder. Bear in mind that you should only create as many accounts as are absolutely necessary (preferably only one) and no more. Having unused accounts lying around is poor security practice. That’s nice and easy to do, but what happens if you don’t have access to this kind of functionality?

In order to enforce the use of a password on a certain folder, you will need to make use of the .htaccess file. This is either present by default or, if it is not, you will need to create a blank text file called .htaccess (with no other extensions) and place it in the admin folder. Now, there are a few things you need to note with regards to the use of .htaccess:

  • .htaccess is for use by Apache, not PHP or IIS or anything else.
  • .htaccess will influence the security of all subfolders below the folder it is present in, unless there is another .htaccess file in the subfolder. In this way you can secure an entire directory in one go, or give each subdirectory its own fine-grained security.
  • You need to make sure that you can either use this method of securing files, or can make use of the native security system provided by your host.
  • .htaccess commands are one line only. Make sure you use a new line for each separate command.
  • Please make sure you set permissions on the .htaccess file correctly. If you leave it writable by everyone, then your security is compromised. Set it to 644 so that the server can read it but only you can change it; Apache itself refuses to serve .htaccess files to browsers.

Now, this really assumes that you will not have access to the Apache configuration file on your host’s server, which is more than likely the case. Generally, you should only use .htaccess when you don’t have access to the main configuration file (since this is where security should be implemented from) because using .htaccess slows down your site. That said, .htaccess should still give us enough security for our needs without being too much of a drag on performance, so let’s continue.

The first thing you need to do is create a password file. You should keep this file outside your document root so that browsers cannot access it at all. If you don't have access to the htpasswd utility, you can create your own password file using the following format. Bear in mind that Apache on Unix/Linux only accepts hashed passwords (the kind htpasswd writes); plaintext entries like the ones below are honoured only by Apache on Windows.

username1:password1
username2:password2
...

Once this file is set up, you can refer to it in your .htaccess file as follows:

AuthType Basic
AuthName "Password Required"
AuthUserFile "/home/contechj/passwords/password"
Require user davidm

This tells Apache that the authentication type we are using is Basic, that the message to be displayed when requesting the username and password is Password Required, that the file to use to check the supplied credentials against is C:\Program Files\Apache Group\Apache2\passwords\password, and that the user we want is davidm.
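As an added example (not from the book or from osCommerce), here is a Python model of the check Apache performs when it consults the file named by AuthUserFile and applies the Require line. It writes entries in the {SHA} form that the htpasswd utility produces with -s (accepted by Apache on every platform, whereas the plaintext entries shown earlier only work with Apache on Windows), parses the file, and verifies a username and password. The sample file, the user legacyuser and all passwords are constructed; davidm is the user from the book's .htaccess.

```python
import base64
import hashlib
import hmac

# Constructed sample password file (not from the book). It mixes the two
# entry styles Apache's file authenticator understands: a "{SHA}" entry as
# written by "htpasswd -s", and a plaintext entry in the book's format,
# which Apache accepts only on Windows. Both passwords are made up.
SAMPLE_PASSWORD_FILE = """\
davidm:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
legacyuser:plaintextpw
"""


def sha_entry(username, password):
    """Build one htpasswd line in {SHA} format: the literal prefix followed
    by base64 of the raw SHA-1 digest, exactly what "htpasswd -s" writes."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return f"{username}:{{SHA}}{base64.b64encode(digest).decode('ascii')}"


def parse_password_file(text):
    """Map username -> stored secret field, one "user:secret" per line."""
    users = {}
    for line in text.splitlines():
        line = line.strip()
        if line and ":" in line:
            user, _, secret = line.partition(":")
            users[user] = secret
    return users


def check_credentials(users, username, password, allowed_users=None,
                      plaintext_ok=False):
    """Mimic what Apache does for AuthType Basic + AuthUserFile: the user
    must exist, the password must match the stored field, and the user must
    satisfy the Require line ("Require user X" -> allowed_users={"X"},
    "Require valid-user" -> allowed_users=None)."""
    stored = users.get(username)
    if stored is None:
        return False
    if allowed_users is not None and username not in allowed_users:
        return False
    if stored.startswith("{SHA}"):
        expected = sha_entry(username, password).partition(":")[2]
    elif plaintext_ok:
        expected = password  # plaintext entries: Windows builds only
    else:
        return False  # Apache on Unix never matches a plaintext entry
    return hmac.compare_digest(stored.encode("utf-8"), expected.encode("utf-8"))
```

On a real server, prefer the bcrypt entries that recent htpasswd versions write with -B; the {SHA} form is shown here only because it can be produced without the utility.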

Now, for either the Web Protect or .htaccess methods, if everything checks out, then each time you access the admin folder, you get prompted for a username and password, like so:

[Figure: the browser's username and password prompt for the admin folder]

This is great! We now have a layer of security added to the site to protect the admin folder from a casual hack or two. Of course, we don’t want these passwords submitted over the Internet without using a secure connection, so now we need to ensure that the admin folder is only available over SSL.

Implementing SSL for the admin Folder

The first step is to find out what SSL facilities are available to you on your live site and how you as the host’s client can make use of them. Once you have established that, it should generally be a simple case of implementing that functionality—your service provider will often make this as easy as possible for you, and nine times out of ten it is simply a case of handing over the cash and having SSL enabled for your domain. Be advised that you will more than likely have to pay extra for this facility (and sometimes for extra certificates and so on) but given what you stand to lose if you don’t make use of it, the expense is more than justified.

The host for Contechst Books simply enabled SSL, and all that was required was a couple of modifications to the .htaccess file in the admin folder and to the configure.php file in the admin/includes/ folder. More than likely this is all you will need to do as well, but it is possible that you need to move the admin tool to a secure folder—if this is the case, ensure that you make the necessary modifications to the file paths in the configure.php script. Assuming you need not do this, open up .htaccess in the admin folder and add the following line at the top, like so:

SSLRequireSSL
AuthType Basic
AuthName "Admin Tool"
AuthUserFile "path to your password file"
require valid-user

This forces the use of a secure server in order to access the folder and its contents. If you now try to access the non-secure version—in this case, http://www.contechst.com/catalog/admin—you will get a message like the following:

[Figure: the error page returned when the admin folder is requested over plain HTTP]

This, of course, is very good news because we haven’t even been prompted for a username and password. Now, it is possible to add a few lines to .htaccess to redirect the browser to a different page instead of simply showing this message, but since we are only securing the admin tool, and since we are only doing it for ourselves because we are the only ones who will access it, this is fine as it is.

Before we check whether the secure site works as planned, edit the configure.php script in the admin/includes folder like so (obviously, substitute in the values that reflect your site’s specifics):

define('HTTP_SERVER', 'https://www.contechst.com');

This means that instead of trying to access the non-secure URLs when the administrator clicks on a link, the secure site is requested instead. If this setting wasn’t changed, then only the admin/index.php file would be accessed through https; everything after that would revert back to the normal server (which is fine provided you are sure there is no sensitive information being passed thereafter). Having done this, navigate to the secure version of your admin tool, supply your username and password, and then fool around with the links to ensure everything is done through SSL:

[Figure: the admin tool served over https]

It’s easy enough to ensure everything is working as planned! Simply check the URL of your page to verify it is being served by the secure server. If you really need proof, then copy one of the page’s URLs into a new browser and attempt to access the page—you should notice that you are once again prompted for a password, regardless of the file you are trying to access. You may even want to make a couple of changes to check that uploading and downloading of information works.

It is quite likely that you have noticed a slight delay in the time it takes to serve pages now that we are using SSL and .htaccess. This is quite normal, and is the overhead you pay for adding security, because the server needs to do more work with each page it serves.

That’s it! A major potential security hole has now been covered, and provided you use a sensible password (which uses both letters and numbers), you should be reasonably safe from intrusion with respect to the admin tool. There is still a fair way to go before we can breathe a sigh of relief that our store in general is safe—the next task is to use encryption to secure communications between the store’s server and third parties, like PayPal.
