As you probably know, we work hard to improve the security level of the online stores powered by CS-Cart and Multi-Vendor. We release patch if a vulnerability is found, and inform our clients in due course. But safety of your store is not only our responsibility.
We prepared some basic recommendations for you to follow:
1. Once the installation is complete, perform the following actions:
admin.phpscript (check the Knowledge base for details).
chmod 644 config.local.php
chmod 644 design/.htaccess images/.htaccess
chmod 664 var/.htaccess var/themes_repository/.htaccess
chmod 644 design/index.php images/index.php
chmod 664 var/index.php var/themes_repository/index.php
chmod 644 command leaves the file readable and writable for the file owner and makes it readable for all other system users. The file contents cannot be viewed in a browser though.
2. Always update your CS-Cart or Multi-Vendor to the latest version as it has higher security level.
3. Do not forget to backup your store on a regular basis. In this way you will always have the last stable version of your website to fall back to in case of trouble.
We would like to draw your attention to the add-ons available on our Marketplace, which can help you to backup and secure your store. Currently there are 3 of them:
EZ Admin Helper is a powerful and user friendly add-on that have a number of tools to backup and secure your site. It’s features:
It is easy to schedule all actions mentioned above right from the admin panel of your store. You can have results for any/all tasks emailed to you, plus you can “run now” any action/s manually.
Admin actions by cron is free but still powerful add-on, that will help you to perform automatically the following activities behind the scene:
You can choose this solution if you have some experience with Cron as all settings are performed in Cron.
The last but not the least is Cron jobs. It allows you to perform automatically the following actions at set intervals:
You can have the results for all tasks emailed to you.
We hope that this information was helpful.