VP-ASP :: Shopping Cart Software

Shopping Cart Software Solutions for anywhere in the World

US/Canada(Toll Free): +1 888 587 2278
Europe/UK: +44 (020) 7193 9408
Australia/New Zealand: +61 3 9016 4497

VP-ASP Shopping Cart Customer Forum

Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 VPCart Forum
 General help me questions
 Data Source Name help
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

jayceew
VP-ASP New User

USA
111 Posts

Posted - April 29 2007 :  17:07:27  Show Profile  Reply with Quote
Hi All,
I'm getting ready to transfer my site to my host, and they're asking for a Data Source Name-(The name you will use in your HTML code to reference the database). I'm not sure what this is or how to set this up

They also want a Database Filename (The name of the Access database the DSN will be attached to). Enter the entire filename, including the .mdb file extension. I'm guessing this is just the file name of my access db.

Also I'm using NetworkSolutions as a host, does anyone know if they give me a place to put my DB or do I just put it in a directory in the root?

Thanks for the help,

Jack

support
Administrator

4266 Posts

Posted - April 29 2007 :  20:46:38  Show Profile  Visit support's Homepage  Reply with Quote
Hi Jack,

I would try using a DSN-Less connection first before using the ODBC option. Gives you more flexibility in that you do not need to rely on your host to set things up for you.

Ask them if they have a secure folder for databases and then update your shop$config.asp file to point to the new location.

Have a look in the QuickStart Guide to see how to change your shop$config.asp file.

You can test whether a database is secure by typing the path to the database into a browser and seeing if it allows you to download it or not.

Thanks
Cam

VP-ASP Support
Go to Top of Page

jayceew
VP-ASP New User

USA
111 Posts

Posted - April 30 2007 :  00:51:46  Show Profile  Reply with Quote
Hi Cam ,
I kinda just went with it. I filled in the forms end they made a directory called DB for me to put my db in. I changed config so VPASP Could find it. I'm going to ftp it all up tommorrow. hope it works,
It's getting late here in the US almost 2 am. time for bed.
Good night All
and thanks
Jack
Go to Top of Page

devshb
Senior Member

United Kingdom
1898 Posts

Posted - April 30 2007 :  01:02:04  Show Profile  Visit devshb's Homepage  Reply with Quote
something to watch out for when it comes to putting secure files like mdb files into "secure" directories is...

Some hosts have a bad overall structure for files, and when they do it means that if they upgrade the server or accidentally change the permissions by doing some other internal maintenance task, then the permissions of a "secure" directory might accidentally end up non-secure without you or the host even knowing about it.

The best structure of a site is to have something like this:

mysite.com
mysite.com>wwwroot
mysite.com>database
mysite.com>private

and your domain when browsed as "mysite.com" would be pointed to the physical "mysite.com>wwwroot" directory. so that even if the "database" or "private" directory permissions accidentally end up readable, nobody can actually browse them because of the way your dns/site is pointed.

a bad structure would be something like this:
mysite.com
mysite.com>database
mysite.com>private

where your domain when browsed as "mysite.com" would be pointed to the physical "mysite.com" directory. this is bad, because if the permissions of "database" or "private" accidentally change, then all the files within them will be browsable.

it's a very very important point this, and if your host doesn't allow something along the lines of the first example above, then you should seriously consider moving host.

feel free to point your host towards this posting and ask them if they allow the kind of "good" structure as per the first example above, and if so, how to apply it. if they come back to you with a "we don't allow it; don't worry though the permissions are fine" response, then move host because that response isn't valid if you're serious about keeping your data/files secure. Similarly, if the host says "that's overkill; it'll never happen" then that's also invalid; I've seen this happen before so it does happen in the real world.

Some people might think that the above topic is a help topic for hackers, but that's not the case; any hacker will already know all of the above and will already be trying it to gain access to every site they want to look at. So, this is a critical heads-up to any merchants out there who might have been hacked but don't know how it happened, and for merchants who've been lucky enough to have not been hacked yet but who still have a "bad" structure.

If you have the "bad" structure but don't have the time/money to move host, then put a dummy text file into the secure directories, and then every day or so try to browse that file; if you can browse it then contact your host urgently and get them to correct the permissions.

The above "good" example still isn't 100% hacker-proof, but it's infinitely better than the bad example.

Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons

Edited by - devshb on April 30 2007 01:34:52
Go to Top of Page

jayceew
VP-ASP New User

USA
111 Posts

Posted - April 30 2007 :  23:36:21  Show Profile  Reply with Quote
Hi All,
Thanks Cam & Simon.
Let me run this by you to see if my thinking is correct on this. I am going to set up My site structure like this:

There is the site root (www.mydomain.com), and in the root I'll create two directories, one for my site files called mysite, and one for my database called mydb.
I'll point my domain to the directory called "mysite". And I'll create a DSN for my DB (actually I'll tell my host where the DB is and they'll create the DSN for me.
Being a novice I'm thinking that it works just like it would on a hard drive. Where c: drive would be the root and my two directories would be like C:/mysite and c:/mydb. The last problem I'm having is what do I enter in xdblocation in my config.asp? I know it would be a relative location, like ../mydb or someting like that. But I'm not sure how to write it out.

I can't thank you both enough. You and the others on this forum have made this journey a very pleasant experience for me. It's been a learn as I go project and everyone was eager to help. My field is recreational boat parts and accessories, so if anyone has any questions let em rip.

Thanks Again
Jack
PS Simon I installed your BigYellowZone Domain Tools Bolt On today and as I expected it's a great tool, You could charge twice as much for it and it would still be a fantastic value.Everyone using ssl should get this tool.
Go to Top of Page

devshb
Senior Member

United Kingdom
1898 Posts

Posted - May 01 2007 :  03:31:52  Show Profile  Visit devshb's Homepage  Reply with Quote
hi,
yes; I think your proposed structure is right, ie that you'd have something like this when you look at ftp:
wwww.mydomain.com
wwww.mydomain.com>mydb
wwww.mydomain.com>mysite

then your dns would be setup in such a way that when people visit "mydomain.com" on their browser, that would equate to the physical directory of "wwww.mydomain.com>mysite"

yes, you'd use a relative location for your db file in shop$config.asp, so your xdblocation would be set to "../mydb" in the above example (you wouldn't need a slash on the end of that)

glad you like the domain tool; it's saved us and our clients a lot of dropped carts in the past, and made ssl implementation much easier.

Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons
Go to Top of Page

jayceew
VP-ASP New User

USA
111 Posts

Posted - May 03 2007 :  14:30:11  Show Profile  Reply with Quote
Hi All,

Thanks Again Simon,

I put my site up on the server and all seems to be OK. Going live this weekend. dredgeharbor.com Waiting for my domain transfer to kick in. Still have to add some images and descriptions, Add all my email accounts and do some SEO. But that's all LOL.

Thanks Again

Jack
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000