X-Cart:Protected Mode

From X-Cart 4 Classic

X-Cart versions 4.5.5 and later allow you to enable Protected mode for the store's back end. Protected mode guards security-sensitive back-end operations against unauthorized use. This minimizes the risk of a malicious script being uploaded to your store's site, or of your database being compromised, if an intruder manages to gain access to the store's back end.

Protected mode can be switched on and off by editing the values of the constants PROTECT_DB_AND_PATCHES and PROTECT_ESD_AND_TEMPLATES in X-Cart's main configuration file config.php.

PROTECT_DB_AND_PATCHES applies to SQL/security and upgrade/patch operations including the following:

  • admin/db_backup.php - operations of creating a backup of your store's database and restoring the database from backup via the 'Database Backup/Restore' page in Admin area;
  • CHANGE_SECURITY_OPTIONS - changing any settings on the General settings/Security options page (Settings->General settings->Security) in Admin area;
  • PATCH_FILES, PATCH_SQL - Apply Patch and Apply SQL patch operations via the Patch/Upgrade center page (Tools->Patch/Upgrade) in Admin area;
  • UPGRADE - Upgrade operations via the Patch/Upgrade center page (Tools->Patch/Upgrade) in Admin area;
  • ADD_ALLOWED_ADMIN_IP - adding allowed IP addresses via the 'Allowed IP addresses' section on the User access control page (Tools menu -> Maintenance -> "See also" tab (right-side menu) -> User access control) in Admin area.

PROTECT_ESD_AND_TEMPLATES applies to file operations and template editing:

  • Edit templates - any operations via the Browse templates section in Admin and (X-Cart PLATINUM) Provider area;
  • FILE_OPERATIONS - any operations via the Browse files section in Admin and (X-Cart PLATINUM) Provider area (includes upload of files for ESD products).

The possible values for the constants PROTECT_DB_AND_PATCHES and PROTECT_ESD_AND_TEMPLATES are 'ip', 'file' and 'FALSE'.

'FALSE' corresponds to disabled Protected mode. When this value is used, security sensitive operations can be performed by anyone with access to the store's back end. Using this value is strongly discouraged.

'file' and 'ip' are values that enable Protected mode. The difference between the two is the protection method provided:

  • 'file'-based protection method: This method provides the highest level of security. With this method, the user is not allowed to make any changes on the protected pages unless a file named XC_UNLOCK has been created in the directory var/tmp. It is essential that X-Cart software be able to delete this file, which means you must set write permissions accordingly - both for the directory var/tmp and the file XC_UNLOCK. If X-Cart does not have the permissions to delete the file, the store continues working in Protected mode. The file XC_UNLOCK is removed automatically after six hours.
  • 'ip'-based protection method: With this method, users are not allowed to make changes on the protected pages unless they are using an 'allowed' IP address. To determine whether an IP address is 'allowed', X-Cart uses the same list of IP addresses as the User access control functionality. This means that if you are going to use the 'ip'-based protection method, you should make sure your store's list of allowed IP addresses contains the IP addresses from which you allow security-sensitive admin operations.

Note that the values of the constants PROTECT_DB_AND_PATCHES and PROTECT_ESD_AND_TEMPLATES can be adjusted independently of one another to give you more flexibility; for instance, you can use 'file'-based protection method for SQL/security and upgrade/patch operations and 'ip'-based protection method for file uploads and template editing.
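
The script below is an added example, not part of the X-Cart documentation or code base: a read-only check of a store's Protected mode settings and of the XC_UNLOCK file used by the 'file'-based method. It assumes each constant is declared on a single line of config.php as define('NAME', value); or const NAME = value;, and that the six-hour age is measured from the file's modification time; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: read-only audit of X-Cart Protected mode (4.5.5 and later).
# Assumption: each constant sits on one line of config.php, written either as
# define('NAME', value); or as const NAME = value;

# Print the value assigned to constant $2 in config file $1, quotes stripped.
# Commented-out lines are ignored; the first active assignment is reported.
xc_const_value() {
    sed -n -E "s/^[[:space:]]*(define\([[:space:]]*['\"]$2['\"][[:space:]]*,|const[[:space:]]+$2[[:space:]]*=)[[:space:]]*['\"]?([A-Za-z]+)['\"]?.*/\2/p" "$1" 2>/dev/null | head -n 1
}

# Classify constant $2 in config file $1: "ok:ip", "ok:file", "disabled"
# (FALSE, the discouraged setting) or "unknown" (missing or unexpected value).
xc_check_const() {
    val=$(xc_const_value "$1" "$2")
    case "$val" in
        ip|file)     echo "ok:$val" ;;
        FALSE|false) echo "disabled" ;;
        *)           echo "unknown" ;;
    esac
}

# State of var/tmp/XC_UNLOCK under store root $1 ('file' method):
#   locked       no unlock file, protected pages cannot be changed
#   unlocked     unlock file present and newer than six hours
#   stale        unlock file older than six hours (age taken from mtime, an
#                assumption), so automatic removal has not happened
#   undeletable  the current user cannot delete the file; run this as the
#                web server account to test what X-Cart itself can do
xc_unlock_state() {
    f="$1/var/tmp/XC_UNLOCK"
    [ -e "$f" ] || { echo locked; return; }
    [ -w "$1/var/tmp" ] && [ -w "$f" ] || { echo undeletable; return; }
    if [ -n "$(find "$f" -mmin +360 2>/dev/null)" ]; then
        echo stale
    else
        echo unlocked
    fi
}

# Usage: sh xc_protected_audit.sh /path/to/store
if [ -n "${1:-}" ]; then
    for c in PROTECT_DB_AND_PATCHES PROTECT_ESD_AND_TEMPLATES; do
        echo "$c: $(xc_check_const "$1/config.php" "$c")"
    done
    echo "XC_UNLOCK: $(xc_unlock_state "$1")"
fi
```

A "disabled" result for either constant, or a "stale" or "undeletable" unlock file, is worth following up before the next maintenance window.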

