Hello All,
Here is how to increase your back-office safety:
1 - Connect to your CS-Cart directory with a ftp program (as FileZilla)
2 - Copy your the full path to your CS-Cart directory. In our example:
/usr/www/users/CS-Cart
3 - Download and edit with SciTE your “.htaccess” file
4 - Add this lines in the beginning of your : “.htaccess” file
```php
## password begin ##
AuthUserFile /usr/www/users/CS-Cart/.passwd
AuthName “admin.php”
AuthType Basic
require valid-user
password end ##
```
5 - Save your ".htaccess" file on your server.
6 - Go to:
[url]http://home.flash.net/cgi-bin/pw.pl[/url]
7 - Write an username + password couple. In our Example:
Username: Admin
Password: Admin
[B]However, I recommend another couple of words, or better, a real [URL="http://www.pwcrack.com/passwordgenerator.shtml"]strong password generator[/URL] that is more difficult to hack.[/B]
You can check your password with:
[url]http://www.passwordmeter.com/[/url]
8 - Click on "Encrypt" button
9 - Copy result. In our example:
```php Admin:IrPks1HaxSC0Y ```
10 - With [URL="http://www.scintilla.org/SciTEDownload.html"]SciTE[/URL] create a new file
11 - Paste your username + password result into it (Admin:IrPks1HaxSC0Y).
12 - Save this new file with this name:
```php .passwd ```
13 - Upload this newfile file (.passwd) on your CS-Cart root directory:
```php /usr/www/users/CS-Cart/ ```
This ".passwd" file [B]NEEDS[/B] to be in your CS-Cart [B]ROOT[/B] directory:
```php /usr/www/users/CS-Cart/.passwd ```
14 - Connect to your admin page:
[B]MyWebSite.com/admin.php[/B]
15 - That's it, server should ask you an username + password couple [B]BEFORE[/B] to be able to connect on!
Now it's a [B]LITTLE[/B] bit more difficult to hack your Admin.php!
Lee Li Pop