Posted - 05/27/2008 : 09:38:34
At Ecommerce Templates we take security very seriously and have put some measures in place to maximize the integrity of your online store.
Please go through the following steps
Make sure your database isn't downloadable
You can test this yourself by typing in the address eg www.yourstoreurl.com/fpdb/vsproducts.mdb. If you receive an option to download the .mdb file then it may mean that people can access your database.
Please check with your host if you have any doubts at all. Most hosts will provide you with a directory below the root of your web with the correct permissions already set.
Change the name of the file vsproducts.mdb
This is quite simple but do back up the database first just in case.
Rename vsproducts.mdb to whateveryoulike.mdb and in db_conn_open.asp change the instance there of vsproducts.mdb to whateveryoulike.mdb
No other changes are necessary
Change the name of the vsadmin folder
This again is quite simple. Download the vsadmin folder, rename it and upload it to ther server again.
In the old vsadmin folder (the one that is still called vsadmin) open includes.asp and add these two lines:
When updating remember you will need to upload the updater files to both the new and old folders.
Make sure you change the name of the vsadmin folder outside of your HTML editor so paths are not messed with.
Change the default password / login
This is the second thing you should do after making sure your database is not downloadable. Also be sure to use DIFFERENT username / password combinations for your control panel, FTP, bank etc etc.
Do make sure that your host has a system in place for backing up your site. You can also make regular back-ups yourself but if there is any problem with your local copy, it's important to be sure the host has a good recent copy.
Check the above points at regular intervals in case permissions get changed or files get overwritten. Passwords and logins should also be regularly changed.
Read our files on fraud and checks