Installing OSCOMMERCE on FreeBSD
Installing OSCOMMERCE on FreeBSD
Getting the files in place on your server
Download the .tar file of OSCOMMERCE and upload it to your account on your web server. As of this writing the latest version is oscommerce-2.2ms2-060817.tgz.
If you have SSH and access to Lynx on your hosting account, find the URL of the file and download it straight to your account. If not, download it to your computer and then upload it to your server via FTP.
To decompress the file, SSH to the directory on your server where you placed the file and issue the command:
tar zxvf <filename.tgz>
Or in other words, to decompress "oscommerce-2.2ms2-060817.tgz," you would issue this command:
tar zxvf oscommerce-2.2ms2-060817.tgz
Using our above example, the command would create a directory called oscommerce-2.2ms2-060817 in the same directory it was decompressed in.
The directory structure for OSCOMMERCE is: webroot/catalog. So if your web site is yourdomain.com, OSCOMMERCE is expecting to find its files in http://www.yourdomain.com/catalog.
Since your decompressed OSCOMMERCE files are actually located in the wrong directory, you can either SSH into the directory and move the "catalog" directory to the root of your web hosting account using the "mv" command, or you can FTP to your account and drag the "catalog" directory to the root directory of your web hosting account.
For example, if you store your public html files in /usr/home/yourdomain/www/data, then you could use the following command:
cd /usr/home/yourdomain/www/data/oscommerce-2.2ms2-060817
mv catalog /usr/home/yourdomain/www/data/
Once you have reached this point, you should be able to open a web browser to the URL of www.yourdomain.com/catalog and view the "Welcome to osCommerce!" introduction page.
Note that if you don't have SSH access to your hosting account, you should download the zipped version of OSCOMMERCE, unzip it locally, and upload the "catalog" directory using an FTP program. Be sure to upload the files in ASCII, not binary.
Enter MySQL by typing the following command
mysql -uroot -ppassword (where password is your mysql root password)
Create a database. For example, for a database named commerce, you would use the following command:
mysql> CREATE DATABASE commerce;
Grant permissions to a user for the commerce database and set a legitimate password:
mysql> GRANT ALL PRIVILEGES ON commerce.* TO dbuser@localhost
-> IDENTIFIED BY 'password' WITH GRANT OPTION;
Open a web browser and open the URL: http://www.yourdomain.com/catalog
On the intro screen, leave everything at default and continue to the next screen:
|
Database Import |
Note: Make sure all of your information here matches the database information you created in the prior step.
If you entered all data successfully, you should see the following on the screen:
|
New Installation Database Import |
The OSCOMMERCE admin interface is located at the URL: http://www.yourdomain.com/catalog/admin. It is not secured and anyone who knows the structure of OSCOMMERCE, can easily gain access to the admin interface just by going to the "admin" directory. Securing the Admin console could be done by renaming the admin directory or the index.php. This type of security is called security through obscurity, and is not recommended. The proper way to secure the Admin console on OSCOMMERCE, is to create .htpasswd and .htaccess files and place them in their proper respective locations. Instructions for securing a directory on FreeBSD can be found in my FreeBSD ISP guide:
Step-by-Step FreeBSD ISP - .htpasswd/.htaccess
 Warning:
Installation directory exists at: /usr/home/yourdomain/www/data/catalog/install.
Please remove this directory for security reasons. |
| Warning:
I am able to write to the configuration file: /usr/home/yourdomain/www/data/catalog/includes/configure.php.
This is a potential security risk - please set the right user
permissions on this file. |
Solution: Delete the install directory and chmod the configure.php file down to the lowest level that corrects this error. You will see these errors until they are corrected.