Post by openhwh » Thu Jul 20, 2017 1:02 pm

It seems sha1 and salts implementation is weak? If yes I think there was proposed patch that was not accepted.

What are you thoughts on securing customers passwords? Admin password - simply use random 20 ascii characters :)

Chat to talk about new and cool technologies, including OpenCart. GlobalChat

New member


Tue Oct 25, 2016 7:11 pm

Post by IP_CAM » Fri Jul 21, 2017 10:55 am

FOR SECURITY UN-PRO's only, like me :laugh:
A relative simple way to effectively much better secure the Admin Access, and without the need, to re-name
the Admin Directory. Direct Access to the Admin Login Page is no longer possible for Visitors this way,
as it can be tested here:
To add my 2 Cents ! :D
Secure Admin URL OC v.2.x free, untested! ... n_id=24045
Just change in the VqMod Header:
<name>Secure Admin</name>
<id>Secure Admin</id>
to make it display it's title in VqMod Managers correctly.
Secure MyAdmin OC v.2.x paid, probably same Function as the 1.5.6.x Version linked below. ... n_id=23969
SecureMyAdmin OC v.1.5.x free, as used in some of my Test Shops with great success. ... n_id=15901

For Sale: Turnkey URLs with Opencart installed
My present Opencart Testsite:
Attacker IP Blocks are denied from further access to my Sites!
Just contact me for more Information at:
690 FREE OC Extension-Repositories - from OC v.1.5.x up
on the largest Opencart-Mod Github Site:

User avatar
Legendary Member


Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: No registered users and 1 guest