FAQ Home
Show all FAQs
htpasswd htaccess
What is the safest and securest way to accept customers credit card numbers?
The Dansie Shopping Cart works with various versions of PGP on both Unix and Windows NT hosts. It also works with GPG. For more details, see Secure Server Variable #10 in the ReadMe.
http://www.dansie.net/cart_readme.html
See also:
http://www.dansie.net/creditcards.html
http://www.pgp.com/
http://www.gnupg.org
http://en.wikipedia.org/wiki/Pretty_Good_Privacy
The Dansie Shopping Cart can append the credit card numbers to a datafile on your host. See Secure Server Variable #8 in the ReadMe. Then you can download them securely with your web browser via "https". An .htaccess and .htpasswd file can be placed in the same directory where the credit card numbers are being written to to prevent anyone else from accessing the credit card numbers with their browser without the password. See also:
http://www.dansie.net/creditcards.html
Some .htaccess tutorials are here:
http://hoohoo.ncsa.uiuc.edu/docs/tutorials/user.html
http://www.barmaton.nl/help/htaccess.html
You don't have a secure host to run the ssl.pl script on? Here is a secure host that can remotely host your ssl.pl script for you. They know about the Dansie Shopping Cart and understand your SSL needs:
https://www.namehero.com/
Ask for James.
cgi-bin browsing. Does your host have your site configured so that your cgi-bin directory can be browsed?
Go here:
http://www.YourName.com/cgi-bin/
If you see "Forbidden" or a similar message then that is good. If you see a listing of all the files in your cgi-bin directory and can view text files by clicking on them, that's NOT good. Ask your host to fix that so that your cgi-bin directory is NOT browsable. And don't have the cart append credit card information to directories that are browsable (SSV#8).
What are .htaccess and .htpasswd files? And what can they do?
.htaccess and .htpasswd files can be used to password protect directories on Unix hosted websites. They can prevent people from accessing a directory and all files in it, unless they enter a correct user name and password.
Some .htaccess tutorials are here:
http://hoohoo.ncsa.uiuc.edu/docs/tutorials/user.html
http://www.barmaton.nl/help/htaccess.html
A .htpasswd toolkit can be found here:
http://www.dansie.net/htpasswd_toolkit.zip
Why doesn't the shopping cart include the password in the email receipt after I purchase an item in passwords.dat?
1. Make sure that the "passwords.dat" file is spelled correctly.
2. Make sure the passwords.dat file is in the same directory that your
vars.dat file is in.
3. Make sure that the left fields in your passwords.dat file matches
exactly what you have in the custom description tags of your HTML forms. It
is case sensitive. See details on this in section 14 of the ReadMe.
http://www.dansie.net/cart_readme.html
4. If you have system paths to an .htpasswd file in your passwords.dat file, make sure those system paths are accurate. Use this tool kit to make sure your htaccess and htpasswd files are set up correctly:
http://www.dansie.net/htpasswd_toolkit.zip
5. Make sure that the .htpasswd file is writable. Chmod 666 on Unix. After you run a test order, check to see that the .htpasswd file was written to. Open it up and see that your email address and crypted password are in it. If not, either it's not writable, or your system paths in the passwords.dat file are not accurate.
6. If your email address appears in the .htpasswd file more than one time and you are having trouble logging in after running at test order, remove your email addresses and passwords from the .htpasswd file and run a new test order. Then try to login with the new password.
Dansie FAQ Wizard 2.0 http://www.dansie.net