Securing OpenCart

Posted by Paul on October 25, 2013

No computer system can ever be 100% secure, as proven recently by security breaches at Facebook, Twitter, Apple and Microsoft. But there are some simple steps you can take to deter all but the most determined hacker.

Rename your Admin Folder
There are automated robots looking for vulnerabilities and attempting different passwords all over the Internet. If someone knows your website runs on OpenCart then they'll know how to get to your password entry screen. Make it harder by renaming the /admin folder. Make sure you also update the paths to it in /config.php and /admin/config.php.

Use Strong OpenCart Passwords and Rename the Admin User
If you haven't had some sort of hacking attempt before, you're probably very new to the web, very lucky or you already use strong passwords. I'm surprised regularly by people who think it's okay to use admin/admin as a password. Let's be clear - NEVER DO THIS! In addition to using a strong password it can be better to rename the admin user to something like your last name as this is a non-default setting which would be harder to guess.

What is a Strong Password?
A strong password is not a dictionary word (such as "sausages") or even a word with numbers added instead of letters such as "p4ssw0rd". A password made up this way is said to be a "munged password" and we've seen several of these being hacked recently. So the best sort of password to use is one that looks like this "jndl420R3KAmOz7". You can either hit random keys on your keyboard or use this handy tool: http://strongpasswordgenerator.com/ Of course you'll need to make a note of it somewhere safe, but unfortunately it is essential to use this sort of password or stronger.

cPanel and FTP Passwords
The most important passwords of all are your cPanel and FTP passwords. Make sure these are "strong" as defined above.

Create a Separate Database User
Your cPanel should allow you to create a separate database user and you should do this with a different password to any of your other passwords. This is partly because these passwords are stored in the config.php files and therefore potentially could fall in to the wrong hands.

Keep Your Software Updated
When a vulnerability in a piece of software is found, it's released on the Internet and hackers begin to search for websites that haven't been updated. Software vendors also rush to fix the vulnerability and release a patch. Keeping your software updated will mean you have the latest patches and are less likely to get hacked. This applies not just to your version of OpenCart but also to your Operating System such as Windows, Apple Mac OS or Linux.

Run Anti-Virus Software and Use a Firewall
If a hacker has access to your own computer then they may well be able to access your website from here, using saved browser passwords for example. Make sure you're always running anti-virus software and a good firewall.

Backups
Keeping good backups (and regularly testing them) is the first rule of working with computers. You need to make sure you're with a web host that can restore your site to a daily, weekly or monthly backup if the worst happens and your site is compromised and broken. Without these it may take a developer A LOT of time to find out what's happened and put it right. It's also recommneded to keep your own local copy of your website.

Be Careful Who You Share Passwords With
It goes without saying that, like your bank card PIN, you should be careful who you share your passwords with and change them once any third parties no longer require access to website.

Conclusion
The amount of hacking in the world is increasing and in our view will only continue to increase. The steps listed above are by no means comprehensive but will help to prevent the less sophisticated hacker.

blog comments powered by Disqus

Testimonials

Thank you all for the hard work, it has paid off, it looks good. The logo is great to promote the practice and the website we can be proud of. Thank you again.

Biddy Arnott, Group Analytic Practice Ltd

We are really delighted with the finished product, it has far exceeded our expectations... Many thanks again for your support and setting up what I feel is the best Alzheimer's website in the country.

Lynne, MK Alzheimer's

Excellent company with outstanding knowledge of opencart and how to get the best from it. If you are looking for a reliable and professional company to work with I wouldn't hesitate to recommend these guys.

Ashley Morrison, Lockertek

Merged two previously HUGE separate sites (website and webstore) into one streamlined website with integrated store, with improved social media and mailing list results. Joe helped communicate complicated jargon into simpler terms, solved issues/queries quickly, and the follow up support has been invaluable.

Jo, Cold Spring Records

Thanks for your hard work, it's very much appreciated.

Colin Farndale, CJF Motorcycles

Taken on both smaller and large projects to a very high standard. Delivered on time, with a professional level of service. Always better than we envisioned. Staff are always ready to help with any issues we have. Really pleased with the results of Antropy, and hopefully we can do more business together in the future!

Josh, Toyland Toyshop

Very impressed with the quick service! There is nothing more we need help with right now but we would certainly use you in the future for other issues or alterations we may have. Thank you very much!

Jemma, Aquafayre

We recently started using Antropy for our OpenCart website as internal IT is swamped and we needed back up and they have been great. Work is quick and efficient, we never need to ask for something twice and communication is good. Gives us confidence that when we need something to be done, it will be and to a high standard.

Dominic Old, The Wasabi Company

Antropy not only gave freely of their time to talk with me, they had the patience to teach me as we went along. They came up with various ideas that allowed me to choose what I liked best and with their guidance we got exactly the website we dreamed about.

David, RC Geeks

We found Antropy to be very responsive and approachable to work with. They gladly took our own designs and transformed them into an easy-to-manage website. Communication was easy and any requests for change were promptly done. Many thanks for the work!

John Caiger, Matraxis

Just wanted to say a big thank you for all your help and support thus far. You've been absolutely brilliant. You've given me absolute confidence that when there is a problem it is sorted which really gives me peace of mind.

Tracy, FLUX

The deliveries are now incredibly clear and there is no more admin work on this side which is excellent. It’s amazing really and I think our customers enjoy knowing exactly when they are getting it unlike nearly every other furniture company out there! Thanks for this.

Jonathan Haskins, Get Laid Beds

Excellent work, delivered in a friendly and consultative way throughout the whole process. For a small company such as my own it was great to be guided through the process, and all my requests were responded to and I felt involved from start to finish.

Phil Saville, Rook Systems

After many years of trying to update my website, dealing with problematic code, delays, etc, I found Antropy about 10 years ago. I can not say enough great things about the quality of their coding and stability of my website along with the professionalism of their staff. I now have a well functioning website that has stood the test of time. Our site is an e-commerce site so that having it up and running is crucial to our business. On the rare occasion that there is a problem with the site, Antropy's team is quick and responsive to finding the problem and fixing it quickly.

Lynn Reznick, Off The Mark

Always helpful and extremely responsive to any request and once the project has been rolled out they continue to assist you with great help and advice to make the most of your website

Jamie Chandler, Newvotek

Good to work with, very straight forward

Grant Berry, Home World

Thanks again for all your hard work on the 3D renders … the results have been fantastic and I look forward to working together again in the future.

Kim, Kimberley-Jane: Design

Wow, I am speechless. Thank you so much, this is perfect !!!! Thank you, thank you !!!

Marios Pantelli, Sewing Machine Company

We worked with Antropy on our new webshop at kikgoes.nl in the past months. We have enjoyed working with them because of their extensive knowledge of Opencart and the rapid pace of development. We regularly added requirements to the projects and we've never had anything that couldn't be done. We look forward to working with Antropy again for new projects or adjustments to our webshop!

Joël van Daalen, Kik Cycleparts

Firstly, thanks ever so much to you and your team for getting these two sites up and running. It’s a pleasure to work with people who are so helpful and responsive to our requirements. We’re very happy with both sites and all seems to be working fine.

Aidan, Nauticalia

Securing OpenCart

Testimonials

Services

About

Contact

Social