How can I block specific hacker activity?
Some common attempts to probe your site for old vulnerabilities can be blocked by adding the following code to your store's /.htaccess file.(Blocking probes for old fixed vuln
- 2009-11-15 - Similar Articles

How can I protect my site from malicious attack? Security Recommendations
Steps in Securing Your Zen Cart™ Store   0. SSL Security Protection Tips Without applying extra efforts to your connection on the internet you are wandering arou
- 2009-02-24 - Similar Articles

How can I restrict my employees to just maintaining products and processing orders, and stop them from changing configuration settings?
At the moment Zen Cart gives all Admin users access to all functions, though this will be subject to review for Zen Cart 1.6. Until then, there is a 3rd party add-on, Admin Pr
- 2006-10-19 - Similar Articles

How do I enable SSL after I have installed Zen Cart?
SSL  (secure socket layer) is used to encrypt communications between the browser and the server, thus protecting sensitive data being transferred from your customers to y
- 2009-08-10 - Similar Articles

How do I relocate my "download" folder outside my webroot for better security?
In Zen Cart v1.3.x and newer, it is possible to relocate the "download" folder outside your webserver's "webroot" (the public_html or httpdocs or htdocs et
- 2007-11-09 - Similar Articles

How do I rename my Admin folder to prevent unauthorized access?
While access to your admin area is protected by the requirement of your admin password, it is recommended for additional security that you rename your admin directory after in
- 2009-08-19 - Similar Articles

How do I secure my Downloads folder to prevent theft?
In a Windows-hosting environment, when you create a virtual product using download attributes customers are able to download a product as much as they like by using the follow
- 2007-07-01 - Similar Articles

I am seeing repeated Who's Online entries with autoLoadConfig or http in the URL
In older versions of Zen Cart (v1.3.0, 1.3.0.1, 1.3.0.2) there was a vulnerability in the code which was announced to the hacker world. Even though that has been fixed in subs
- 2009-06-22 - Similar Articles

I can't stay logged in to my Admin area -- or -- PHP Session Handling isn't working for me.
THE FIRST THING TO TRY is this:- Close all your browser windows- Open 1 browser window, and use it to clear your browser cache AND cookies.- If you are using Safari for your b
- 2009-07-23 - Similar Articles

I have Plesk - How can I do SSL from my httpdocs folder and not have to duplicate everything in httpsdocs?
If you are you using Plesk, then go into your Plesk account profile, click on "Setup" and then enable the two checkboxes which say: Enable SSL Use a sing
- 2008-02-28 - Similar Articles

I think I might have been hacked. What should I do?
Apply Security Fixes applicable to your version 1. If any security fixes have been posted for your version, be sure you have installed them. Site Audit to look for damaged
- 2007-06-11 - Similar Articles

Is the Zen Cart Program Safe from Hackers and/or Injection Attacks?
We take security issues VERY seriously. Whenever a true security risk is discovered, a fix is posted immediately, using whatever means is most appropriate. Please see the rela
- 2006-08-30 - Similar Articles

PCI Compliance Statement and PABP Standards
PCI DSS Compliance Questions Answered Common myths about PCI Compliance Please see the following page for a better understanding of what PCI Compliance is NOT:  https:/
- 2009-03-31 - Similar Articles

What is an SSL certificate
An SSL certificate contains the following information: - The domain name for which the certificate was issued. - The owner of the certificate and the domain name. - The physi
- 2006-09-08 - Similar Articles

What is CHMOD and what do the numbers mean?
Problem: "I'm having trouble setting my configure.php files to read-only.  What does 444 mean?"Answer:A number of hosts do not allow setting permissions to 644
- 2007-10-18 - Similar Articles