I searched the documenation & forums for this – Website Defender didn’t like it, and I don’t know what it’s for. If this is for a payment method I don’t use, I would just as soon remove it. This is the warning:
One or more include files with .inc extension were found on your website. Because files with .inc extension are not processed by PHP, an attacker can read the contents of this files by requesting them dirrectly. The source code of server-side scripts helps an attacker to better understand the logic behind the Web application and may help him conduct further attacks.
Include file URL
/shop/payments/dps_files/pxaccess.inc
(my URL)//shop/payments/dps_files/pxaccess.inc
Hello lauraluc,
This file is used for the DPS payment gateway that is integrated in a standard CS-Cart installation. There should not be any security problems with opening this file using a direct link as long as it is an external library of the DPS payment gateway and it can be downloaded from their website. However you can remove this file from your server if need be and if you do not use this payment gateway.
—
Pavel Zyukin
CS-Cart Support team
Thanks for replying! I appreciate it!
Hello lauraluc,
You are welcome.
—
Pavel Zyukin
CS-Cart Support team