Post by Joe1234 » Sat Feb 04, 2023 12:51 am

I'm about to rename my admin folder. Along with all the other stuff that I need to do, I'm thinking the easiest and fastest way to update the modification's admin paths is to do a database query and replace on it. Is this a sound thing to do, or will it cause a problem? Any issues in updating the path this way? If this is OK, is there another table I should be doing this with as well?

Code: Select all

UPDATE  opencart_modification SET xml= REPLACE(xml, '<file path="admin/','<file path="something_new')
Also, I noticed all the file permissions in the storage/vendor/ folder are 755 permission, should I change those to 644....I don't know what those files are for.

And is it a bad idea to just go ahead and set all the files to 600 instead of 644?

Thanks

v3.0.3.9 php 8.1
I'm here for a reason, if your response is contact a/the developer, just don't reply.


Active Member

Posts

Joined
Sat Jan 01, 2022 5:47 am

Post by ADD Creative » Sat Feb 04, 2023 1:35 am

You should not need to change the paths in the XML stored in the database. Just clear and refresh you modifications.

755 for directories and 644 files is very common. Setting files to 600 could be better for PHP configuration files, etc. As it restricts read access. But whether it will work will depend on your hosting, so ask you host.

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by Joe1234 » Sat Feb 04, 2023 3:16 am

Thanks for saving me from that rabbit hole. It was surprisingly easily. I expected it to be 50/50 based on issues I've seen on the forum.

Now, what to do wit the dummy admin folder. Duplicate the face of the admin page with html writeup and a form that goes nowhere? Or, Leave it with a 403 forbidden error?

v3.0.3.9 php 8.1
I'm here for a reason, if your response is contact a/the developer, just don't reply.


Active Member

Posts

Joined
Sat Jan 01, 2022 5:47 am

Post by paulfeakins » Mon Feb 06, 2023 8:14 pm

Joe1234 wrote:
Sat Feb 04, 2023 3:16 am
Now, what to do wit the dummy admin folder. Duplicate the face of the admin page with html writeup and a form that goes nowhere? Or, Leave it with a 403 forbidden error?
If it's the 403 page, double-check that hitting that page causes very very little server load. We've seen it where there's a missing 403 document and it goes through the OC controllers and causes more load that it should, sometimes taking down the site.

UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk


User avatar
Guru Member
Online

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - London Gatwick, United Kingdom

Post by by mona » Tue Feb 07, 2023 2:01 am

Around 99.99% of the parties hitting your admin page are machines.
They do not care what you send back, they post and move on.
You can go through the trouble of making a nice fake admin page (to spite them or something?) or a proper 404/410/403 page but I assure you, they will not see it.
You changed your admin directory name, so any post to that will result in a webserver generated 404.
My suggestion, leave it at that and don't send anything back.

Code: Select all

ErrorDocument 404 %{unescape:%00}

DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am
Who is online

Users browsing this forum: jagall, Semrush [Bot], SohBH and 257 guests