Full service web hosting, great prices and support. Starts at $1.99/month!
Results 1 to 7 of 7

Thread: OsCMax - How To Update and Improve Security

  1. #1
    Claymm
    Guest


    Default OsCMax - How To Update and Improve Security

    Hi everybody,

    First, I'm a french guy and I'm sorry about my english if I make some mistakes.

    Then, I'm using OsCmax 2.0 (but I'm not sure about this version number, do you know where can I found it ? I've still the install folder that I've downloaded, it's "osc_ms2_max2_0").

    I've added a lot of contributions and modules to my versions and I would like to improve the security of my OsCmax now. I've seen that a lot of updates exist about security and I would like to get the last version (if it's possible) of OsCMax WITHOUT lost all of the work I've done on my version.

    So, I'm here to request your help in order to have a version up to date and to improve the security of my OsCMax application.

    Thanks for all of you're replies.

    Best regards.

    Claymm.
    Last edited by Claymm; 07-09-2009 at 05:47 AM.

  2. #2
    jpf
    Guest


    Default Re: OsCMax - How To Update and Improve Security

    Unfortunately the folder means nothing as was never a part of any distribution of osCMax. If anything it might have been part of the file name the archive was in.


    It might have been one of the early version of 2.0 beta - a pre-RC maybe.

    Yes it can be upgraded - no, it is not easy (depending on how much data you have).

  3. #3
    Claymm
    Guest


    Default Re: OsCMax - How To Update and Improve Security

    Thank you for responding jpf.

    So we can't realy know which version of osCMax is it ?
    It wasn't written in some comments ?
    I can tell you that's an osCommerce 2.2 MS2, I've found it in the application_top.php just near "PROJECT_VERSION".

    So, my objective is fisrt is to being able to put the register_globals on "off" in my php.ini, because it's a big vulnerabilty. Then, I think it would be beter to upgrade my version of osCMax in order to get the last securities updates.

    About my datas, it's a "clean" version, I haven't any article or anything in my shop, it's a sort of template that I use when I want to make a shop, so here I've just the modules and contributions installed (a lot) with my osCMax.

    Do you think that you could give me instructions to do one or both of those procedures ?

    Thank you in advance.
    Best Regards.

    Claym.

  4. #4
    jpf
    Guest


    Default Re: OsCMax - How To Update and Improve Security

    Yes we are based on osCommerce 2.2 MS2 (not anything newer) - to remain compatible with 90% of available mods/contribution that are available.

    However we have so many MODS that is it hard some time to keep it updated and to add in more things....

    Thus over time some feature have dropped out and replaced by other one. Many feature have been added and security related part updated/changed.

    Top that off with other mods that people have added to customize there shop.....

    This is what make it hard to upgrade older stores.

    Yes it is possible - but if your store is that OLD - then maybe you should start with a fresh copy of OSCMAX.

    First: setup and modify how you want (see if you can make the template you have work - copy your changes over).

    Then use the EZpopulate feature to transfer over your items (manually copy over IMAGES etc...).

    It may be possible to copy over your existing users and addresses fairly easily.

    Note: to convert any configuration settings or HISTORY may be a huge issue and time consuming.


    I have lost all my old version of MS2-Max and early version of osCMax (RC1 & RC2) - so how hard it would be really depend - but can't say how hard.

  5. #5
    Claymm
    Guest


    Default Re: OsCMax - How To Update and Improve Security

    Thanks for responding again,

    I decided to take the latest version of osCMax and to rebuild my own version by reinstalling all the contributions that I installed on my old version in order to have all the functionnalities and to have the most secure version of osCMax/osCommerce.

    So I took the osCMax_v2.0.3, I installed it and now I'm looking for french translation for this version. I found some patches but they are not realy accomplished, I miss a lot of documents which are not translated. SO I wanted to know if there are french guys here and if they have translation packs for osCMax 2.0.3 or other version, maybe it'll work.

    In a second time, I would like to know which updates I have to do with this 2.0.3 in order to have the most secure version. I heard about "osCMax Security Update - XSS flaw patched", "osCMax Security Update - Arbitrary Upload Exploit"or "osCMax v2.0.3 Security Update Released".

    Which ones are already installed in the 2.0.3 and which ones should I do, in order to have the most secure version ?

    Thanks in advance.
    BstRgds.
    Claymm.

  6. #6
    jpf
    Guest


    Default Re: OsCMax - How To Update and Improve Security


  7. #7
    Claymm
    Guest


    Default Re: OsCMax - How To Update and Improve Security

    Yes but it wasn't complete.

    I completed it with my own words ^^

    Thank you.

Similar Threads

  1. osCMax v2.0.3 Security Update
    By Huski in forum osCMax v2 Features Discussion
    Replies: 3
    Last Post: 07-02-2009, 06:19 AM
  2. osCMax v2.0.3 Security Update Released
    By michael_s in forum Announcements
    Replies: 0
    Last Post: 07-01-2009, 10:14 AM
  3. osCMax Security Update - XSS flaw patched
    By michael_s in forum Announcement Discussions
    Replies: 20
    Last Post: 03-31-2009, 12:45 PM
  4. osCMax 2.0RC2 Security Patch/Update 051112
    By wilde-uk in forum osCmax v2 Installation issues
    Replies: 5
    Last Post: 04-12-2006, 07:45 PM
  5. osCMax 2.0RC2 Security Patch/Update 051112
    By michael_s in forum Announcements
    Replies: 0
    Last Post: 11-27-2005, 10:12 AM

Tags for this Thread

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •