I’m definitely going to be purchasing a cart in the next week. I have a couple of concerns and questions.
First, I have seen several forum articles about people’s carts being hacked. Is that a continual issue with cs-cart or was that due to using an outdated version, using the wrong host, or people not setting the permissions up correctly?
Second, is it possible with the full version of the cart to give people different levels of admin… i.e. I have a drop ship vendor in mind that would like to update their own products and styles and would like to give them access to their categories only. (If not, is there any cart that does this?)
Third, can someone recommend a good host that is based in the US? My products will primarily only be of interest to US customers.
Thanks in advance for any responses and I love the full disclosure of being able to search the good and bad in the forum. This forum is obviously not pruned to death like some of the competitor’s carts.
[QUOTE]First, I have seen several forum articles about people’s carts being hacked. Is that a continual issue with cs-cart or was that due to using an outdated version, using the wrong host, or people not setting the permissions up correctly? [/QUOTE]
CS-CART 1.3.5SP4 is very stable the “hacks” are NOT a continual issue. You will find that most sites that are hacked are due to the issues you mentioned above.
[QUOTE]Second, is it possible with the full version of the cart to give people different levels of admin… i.e. I have a drop ship vendor in mind that would like to update their own products and styles and would like to give them access to their categories only. (If not, is there any cart that does this?)[/QUOTE]
Yes, I am doing that now with 1.3.5SP4…you can assign all different levels of admin access.
[QUOTE]Third, can someone recommend a good host that is based in the US? My products will primarily only be of interest to US customers.[/QUOTE]
I have been with InMotionHosting for my corporate website on VPS Hosting for a little over 2 years…they have just been great.
I’m running 4 different websites, one with Joomla/VM and now live with my CS-CART webstore…I have no complaints at all concerning speed.
Since then I decided to try their Shared Hosting for my freelance business and for a little over 6 months everything has been better than expected for sure. No issues.
Not specific to this app, the typical cause of a “site” getting hacked is from hosting your site on a shared server… and someone else on the server is running a vulnerable app… and the webhost has less-than-adequate security in place (sudo, jailed shell, etc).
SPECIFIC to this app, I checked securityfocus.com tonight
(they are one of the Bugtraq exploit/vulnerability reporting sites)
and found there’s only been 3 exploits reported, ever, for cs-cart.
If you check other ecommerce apps, you’ll see that “only 3 ever” is a comparatively darn good track record.
Separately, the new v2 beta of cs-cart is shown as having one reported vulnerability – apparently unpatched, to date. SQL injection vulnerability (ouch).