On FreeBSD


Installing OSCOMMERCE on FreeBSD


Installing OSCOMMERCE on FreeBSD

Getting the files in place on your server

Download the .tar file of OSCOMMERCE and upload it to your account on your web server. As of this writing the latest version is oscommerce-2.2ms2-060817.tgz.

If you have SSH and access to Lynx on your hosting account, find the URL of the file and download it straight to your account.  If not, download it to your computer and then upload it to your server via FTP.

To decompress the file, SSH to the directory on your server where you placed the file and issue the command:

tar zxvf <filename.tgz> 

Or in other words, to decompress "oscommerce-2.2ms2-060817.tgz," you would issue this command:

tar zxvf oscommerce-2.2ms2-060817.tgz

Using our above example, the command would create a directory called oscommerce-2.2ms2-060817 in the same directory it was decompressed in.

The directory structure for OSCOMMERCE is: webroot/catalog. So if your web site is, OSCOMMERCE is expecting to find its files in

Since your decompressed OSCOMMERCE files are actually located in the wrong directory, you can either SSH into the directory and move the "catalog" directory to the root of your web hosting account using the "mv" command, or you can FTP to your account and drag the "catalog" directory to the root directory of your web hosting account.

For example, if you store your public html files in /usr/home/yourdomain/www/data, then you could use the following command:

cd /usr/home/yourdomain/www/data/oscommerce-2.2ms2-060817
mv catalog /usr/home/yourdomain/www/data/

Once you have reached this point, you should be able to open a web browser to the URL of and view the "Welcome to osCommerce!" introduction page.

Note that if you don't have SSH access to your hosting account, you should download the zipped version of OSCOMMERCE, unzip it locally, and upload the "catalog" directory using an FTP program. Be sure to upload the files in ASCII, not binary.

Creating the MySQL database

Enter MySQL by typing the following command

mysql -uroot -ppassword (where password is your mysql root password)

Create a database. For example, for a database named commerce, you would use the following command:

mysql> CREATE DATABASE commerce;

Grant permissions to a user for the commerce database and set a legitimate password:

mysql> GRANT ALL PRIVILEGES ON commerce.* TO dbuser@localhost


Open a web browser and open the URL:

On the intro screen, leave everything at default and continue to the next screen:

Database Import

Please enter the database server information:

Database Server:
Hostame or IP-address of the database server
The database server can be in the form of a hostname, such as, or as an IP-address, such as
Database username
The username used to connect to the database server. An example username is 'mysql_10'.

Note: Create and Drop permissions are required at this point of the installation procedure.
Database password
The password is used together with the username, which forms the database user account.
Database Name:
Database Name
The database used to hold the data. An example database name is 'osCommerce'.
Persistent Connections:
Enable persistent database connections.

Note: Persistent connections should be disabled for shared servers.
Session Storage:  Files   Database  
Store user session data as files on the server, or in the database.

Note: Due to security related issues, database session storage is recommended for shared servers.

Note: Make sure all of your information here matches the database information you created in the prior step.

If you entered all data successfully, you should see the following on the screen:

New Installation

Database Import

A test connection made to the database was successful.

Please continue the installation process to execute the database import procedure.

It is important this procedure is not interrupted, otherwise the database may end up corrupt.

The file to import must be located and named at:


Securing the Admin console

The OSCOMMERCE admin interface is located at the URL: It is not secured and anyone who knows the structure of OSCOMMERCE, can easily gain access to the admin interface just by going to the "admin" directory. Securing the Admin console could be done by renaming the admin directory or the index.php. This type of security is called security through obscurity, and is not recommended. The proper way to secure the Admin console on OSCOMMERCE, is to create .htpasswd and .htaccess files and place them in their proper respective locations. Instructions for securing a directory on FreeBSD can be found in my FreeBSD ISP guide:

Step-by-Step FreeBSD ISP - .htpasswd/.htaccess

  Potential problems:

Warning Warning: Installation directory exists at: /usr/home/yourdomain/www/data/catalog/install. Please remove this directory for security reasons.
Warning Warning: I am able to write to the configuration file: /usr/home/yourdomain/www/data/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

Solution: Delete the install directory and chmod the configure.php file down to the lowest level that corrects this error. You will see these errors until they are corrected.