Security

How To Make Your CS-Cart Project Secure (14 Steps)

By Roman Ananev

Rename administration panel to a random path

1

We recommend setting up the admin panel URL to a random and secure string like the password 13frI2yHJF0hHEOqShvCE4QJ.php.

Don’t use admin.php, secureadmin.php, or similar names.

Ensure all passwords are strong and secure

2

If you haven’t yet done it, make sure that all passwords relating to your website, not just your CS-Cart admin password, are secure.

1. Go to "Settings -> Security settings" 2. Change "Minimum administrator password length" to 16 3. Enable "Administrator password must contain both letters and numbers"

Create strong access key to cron script

3

Make sure that your cron script access key is secure and hard to be brute-forced.

1. Go to "Settings -> Security settings" 2. Make secure "Access key to cron script which..." password

Set up full HTTPS redirect for your website

4

Make sure that your cron script access key is secure and hard to be brute-forced.

1. Go to "Settings -> Security settings" 2. Enable "secure connection for all"

Keep your CS-Cart, add-ons and themes updated

5

It’s important to keep your website up to date. Every time your theme, add-ons, or CS-Cart/Multi-Vendor itself are updated, you should run that update, as it will often include security and performance patches.

Remove all sensitive files from your project which shouldn’t be accessible

6

Remove temp_dump.sql, error_log, test.php files, etc. It can help attackers to get more information about your project.

Use secure and high-performance hosting 

7

Take away all the technical complexities of hosting your business, focus on the growth with complete peace of mind.

Full how-to list

Full How-To List

By SD security team