The latest version of zen cart – specifically the 1.3.9 series, focuses on several things including: security, bug fixes, speed and PCI Compliance.

For example, when doing a manual install of zen cart version 1.3.9, the software will force you to change the name of your admin folder. It will not allow you to log into your administration area without renaming the /admin folder and removing the zc_install folder. This is an important security feature, because hackers know that the standard name for the admin folder is /admin.

If you are using an automated installation program such as Fantastico to install your zen cart, it will automatically rename your admin folder name to zc_admin. Nice, huh? No… not really.

Keep in mind that hackers have the same access to hosting accounts with these automated installation programs. If they were to use Fantastico to do an install… they would see what the admin folder name is re-named to and from there can write their stupid little hacking programs to search for and try to hack into that folder.

It is ALWAYS in your best interest for security sake to rename your admin folder to something meaningful to you. Do not feel secure with the fact that the automated installation program has renamed your admin folder. Change it to something else – and don’t forget to change that information in your admin/includes/configure.php file as well. There are 3 different lines of code that you will need to change in that file.

Leave a Reply

You must be logged in to post a comment.