Post by Tcalp » Fri May 01, 2015 5:21 pm

Hey Guys,

I've known about this issue since 2.0 was released but never piped up about it. I just sort of assumed that it would be addressed by others, given that it hasn't.

The extension installer in OpenCart 2.0 requires clear text FTP services to be enabled, which violate PCI Compliance, given that so many payment gateways require such compliance, along with so many web hosts disabling said support (aka even GoDaddy has on cPanel services). Who exactly thought this a grand old idea ? :)

Increase Page Speed (#1 rated commercial extension on OpenCart Marketplace)
15in1 Essential Extensions Value Pack Premium Customer Testimonials Reward Points Extended Admin Security Lockdown Suite

Image #opencart

User avatar
Active Member


Wed Jul 06, 2011 1:49 pm

Post by JNeuhoff » Fri May 01, 2015 6:10 pm

Have you posted it as a bug report on github?

In the meantime, for a workaround, disable FTP in the OpenCart admin store settings, and use this Extension Installer bugfix.

MHC Web Design
Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * TrustPilot Reviews * Google Rich Snippets * Google Tag Manager * Export/Import Tool * Template Switcher PHP/Twig

User avatar
Expert Member


Wed Dec 05, 2007 3:38 am

Post by rph » Fri May 01, 2015 11:56 pm

Good catch. It would have been nice if 2.x had been engineered to have extensions in their own directory rather than strewn out all over the core.
JNeuhoff wrote:Have you posted it as a bug report on github?
You're optimistic. :laugh:


Expert Member


Fri Jan 08, 2010 5:05 am
Location - Lincoln, Nebraska
Who is online

Users browsing this forum: No registered users and 27 guests