Post by openhwh » Thu Jul 20, 2017 1:02 pm

It seems sha1 and salts implementation is weak? If yes I think there was proposed patch that was not accepted.

What are you thoughts on securing customers passwords? Admin password - simply use random 20 ascii characters :)

Chat to talk about new and cool technologies, including OpenCart. GlobalChat


New member

Posts

Joined
Tue Oct 25, 2016 7:11 pm

Post by IP_CAM » Fri Jul 21, 2017 10:55 am

FOR SECURITY UN-PRO's only, like me :laugh:
A relative simple way to effectively much better secure the Admin Access, and without the need, to re-name
the Admin Directory. Direct Access to the Admin Login Page is no longer possible for Visitors this way,
as it can be tested here: http://www.bigmax.ch/shop/admin/
To add my 2 Cents ! :D
Ernie
---
Secure Admin URL OC v.2.x free, untested!
https://www.opencart.com/index.php?rout ... n_id=24045
Just change in the VqMod Header:
<name>Secure Admin</name>
to:
<id>Secure Admin</id>
to make it display it's title in VqMod Managers correctly.
--------------
Secure MyAdmin OC v.2.x paid, probably same Function as the 1.5.6.x Version linked below.
https://www.opencart.com/index.php?rout ... n_id=23969
---
SecureMyAdmin OC v.1.5.x free, as used in some of my Test Shops with great success.
https://www.opencart.com/index.php?rout ... n_id=15901
Image

Ernie's OpenCart v.1.5.6.5 LIGHT + OpenShop Admin v.1.75 Test Sites
http://www.ebikes.li - http://www.evelo.li - http://www.openshop.li
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: No registered users and 14 guests