What I am afraid is the security of my old opencart 1.5.6.4 can be compromised too easily. In the other hand, for updating my old opencart to newest opencart will require too many time. I also need to configure many of my setting, recheck all the plugins work or not. I understand a bit about programming in PHP.
Well, if you understand a little about programming, just download the latest 1.5.6.5_rc,
it contains all Fixes, still found in v.1.5.6.4. It's only a Release Candidate, and so hidden
from the official OC List, but also the best 1.5.x Version ever made. About 25 Files have
been changed/fixed/updated, compared with v.1.5.6.4, to get a Version, which so far has
not been mentioned in any security-related Topics anywhere.
https://github.com/opencart/opencart/tr ... 306fb75707
---
I am about buying two plugins in short time, one for mobile friendly and one for shipping / delivery. Do you think before buying those new plugins, I should update my 1.5.6.4 opencart, or just read the web about 1.5.6.4 security holes, and tried to fix it?
Well, you don't really have to buy a Theme, to make 1.5.6.x mobile friendly, there are at least
40 nice free + usable Themes available, as well as some Extensions, to make such work, without
changing something 'default' in an existing 1.5.6.4+1.5.6.5_rc Version. Some are fully Bootstrap-3
type Themes, like the fantastic:
OC Bootstrap - Opencart Bootstrap 3 Theme (not default OC-2 style/class compatible!)
https://www.opencart.com/index.php?rout ... n_id=14631
But some free Theme Extensions should be handled with Care, or better, not be touched, because
they partly change existing default things, to an extend, that no other Theme will function anymore,
without fully remove/replace their Code, even DB-Stuff, with default Code, to clear a system out again.
--
Or then, test some of the nice
YOOCART- Zerocart - Panforest.net Variations. Most of them
still have a few minor misses, but that's easy to fix, if one has some knowledge on Code + CSS.
https://www.opencart.com/index.php?rout ... _license=0
And a responsive free v.1.5.6.x Admin Section also exists, if one needs to access Admin on portables:
ImpulsePro 2: OpenCart Admin Theme (Bootstrap) - v2.0.1.5
https://www.opencart.com/index.php?rout ... n_id=13691
---
Another Option would be, to fully Switch to OC-2 Style Front Design, or even replacing the default OC
Theme with a fully responsive OC-2.x Default Code Bootstrap-3 Theme. This can be done, by adding
a VqMod- and module-supported Theme Extension to an existing 1.5.6.x default Installation, or then
install it as complete Installation Package, both offered by famous PEKU (Pekka) from Finland, for free.
https://www.opencart.com/index.php?rout ... ember=peku
It's only drawback could be, that it also has OC v.2.+ like
OcMod installed, by default, for not
much reason, since I was probably one of the very few ever, changing vqmods to ocmods, just to
find out, if and how this works. It does!
But it really makes NO sense, to use OcMod, along
using VqMod!
The good thing about it is, that it can easy be switched off again after installation!
---
And by doing such, the variety on free Designs explodes, since it only takes another Stylesheet
from an existing free OC v2.0.x Design, and possibly a few Pics and a header/footer file,
to generate, what you can see here:
http://www.opencart.li/themes.html
It's the (near!) ultimate solution, still, a drawback could be, that one needs to make existing
1.5.x Extensions able to handle 'responsive Theme' Code. So, if one downloads a free Extension,
one better should make sure, to download both, the 1.5.x and the v.2.0.x Version of it, if available,
to make it
mucho easier, to so get the matching
v.1.5.x Code for the
system/ + controller/ + model/ sections, and the (likely) already matching
v.2.0.x Code for the Theme Sections.
---
So, whatever you decide on, some work will be part of it.
But better don't move up to the latest, it will be replaced by an even later one soon,
to so be not much longer cared about, I assume...
---
Then, for security purpose so my web can not be hacked so easily, which one is the best deal, update my opencart to newest version, or still maintain this old 1.5.6.4 version but try to fix some security hole if I found it? I have done the standard hardening, like htaccess, file permission, right setting, and so on.
Security-wise, I have not found yet anything about 1.5.6.5_rc on the Web, related to
security problems. Still, there might only be a 'some hundreds' amount in Operation,
but even then, we would get to know about around here, I guess...
But OC does usually not only consist out of OC, but some Extensions as well, and
some of them might not meet the requirements. Just like Journal Themes, a couple
of Subversions ago...
And if one also has potentially attacked Software,
like Wordpress or similar things, on such an OC Site, the risk is much greater, compared
to a Situation, where only OC is part of such a Site.
My test Sites list quite many hacking attempts, but so far, not one of them succeeded.
But is also heavy depends on a Hoster, if something almost comes for free, it cannot
be worth much either, just like in real life too !
---
If I prefer maintain my old 1.5.6.4 opencart, what is the best security tips for this purpose?
https://www.opencart.com/index.php?rout ... n_id=25864
https://www.opencart.com/index.php?rout ... n_id=15901
https://www.opencart.com/index.php?rout ... n_id=21836
https://www.opencart.com/index.php?rout ... n_id=21371
https://www.opencart.com/index.php?rout ... n_id=27076
https://www.opencart.com/index.php?rout ... n_id=22023
https://www.opencart.com/index.php?rout ... n_id=20605
https://www.opencart.com/index.php?rout ... n_id=22296
https://www.opencart.com/index.php?rout ... n_id=13529
https://www.opencart.com/index.php?rout ... n_id=17569
Some are doing the same, or just a little different , use, what meet's best.
viewtopic.php?t=166501#p634026
Paid:
https://www.opencart.com/index.php?rout ... n_id=14775
---
Good Luck
Ernie
PS: A bunch of OC Goodies can also be found here:
https://github.com/IP-CAM
---