Author |
Topic |
|
jayceew
VP-CART New User
USA
114 Posts |
Posted - April 29 2007 : 17:07:27
|
Hi All, I'm getting ready to transfer my site to my host, and they're asking for a Data Source Name-(The name you will use in your HTML code to reference the database). I'm not sure what this is or how to set this up
They also want a Database Filename (The name of the Access database the DSN will be attached to). Enter the entire filename, including the .mdb file extension. I'm guessing this is just the file name of my access db.
Also I'm using NetworkSolutions as a host, does anyone know if they give me a place to put my DB or do I just put it in a directory in the root?
Thanks for the help,
Jack |
|
support
Administrator
4679 Posts |
Posted - April 29 2007 : 20:46:38
|
Hi Jack,
I would try using a DSN-Less connection first before using the ODBC option. Gives you more flexibility in that you do not need to rely on your host to set things up for you.
Ask them if they have a secure folder for databases and then update your shop$config.asp file to point to the new location.
Have a look in the QuickStart Guide to see how to change your shop$config.asp file.
You can test whether a database is secure by typing the path to the database into a browser and seeing if it allows you to download it or not.
Thanks Cam
VP-ASP Support |
|
|
jayceew
VP-CART New User
USA
114 Posts |
Posted - April 30 2007 : 00:51:46
|
Hi Cam , I kinda just went with it. I filled in the forms end they made a directory called DB for me to put my db in. I changed config so VPASP Could find it. I'm going to ftp it all up tommorrow. hope it works, It's getting late here in the US almost 2 am. time for bed. Good night All and thanks Jack |
|
|
devshb
Senior Member
United Kingdom
1904 Posts |
Posted - April 30 2007 : 01:02:04
|
something to watch out for when it comes to putting secure files like mdb files into "secure" directories is...
Some hosts have a bad overall structure for files, and when they do it means that if they upgrade the server or accidentally change the permissions by doing some other internal maintenance task, then the permissions of a "secure" directory might accidentally end up non-secure without you or the host even knowing about it.
The best structure of a site is to have something like this:
mysite.com mysite.com>wwwroot mysite.com>database mysite.com>private
and your domain when browsed as "mysite.com" would be pointed to the physical "mysite.com>wwwroot" directory. so that even if the "database" or "private" directory permissions accidentally end up readable, nobody can actually browse them because of the way your dns/site is pointed.
a bad structure would be something like this: mysite.com mysite.com>database mysite.com>private
where your domain when browsed as "mysite.com" would be pointed to the physical "mysite.com" directory. this is bad, because if the permissions of "database" or "private" accidentally change, then all the files within them will be browsable.
it's a very very important point this, and if your host doesn't allow something along the lines of the first example above, then you should seriously consider moving host.
feel free to point your host towards this posting and ask them if they allow the kind of "good" structure as per the first example above, and if so, how to apply it. if they come back to you with a "we don't allow it; don't worry though the permissions are fine" response, then move host because that response isn't valid if you're serious about keeping your data/files secure. Similarly, if the host says "that's overkill; it'll never happen" then that's also invalid; I've seen this happen before so it does happen in the real world.
Some people might think that the above topic is a help topic for hackers, but that's not the case; any hacker will already know all of the above and will already be trying it to gain access to every site they want to look at. So, this is a critical heads-up to any merchants out there who might have been hacked but don't know how it happened, and for merchants who've been lucky enough to have not been hacked yet but who still have a "bad" structure.
If you have the "bad" structure but don't have the time/money to move host, then put a dummy text file into the secure directories, and then every day or so try to browse that file; if you can browse it then contact your host urgently and get them to correct the permissions.
The above "good" example still isn't 100% hacker-proof, but it's infinitely better than the bad example.
Simon Barnaby Developer [email protected] www.BigYellowZone.com Web Design, Online Marketing and VPASP addons |
Edited by - devshb on April 30 2007 01:34:52 |
|
|
jayceew
VP-CART New User
USA
114 Posts |
Posted - April 30 2007 : 23:36:21
|
Hi All, Thanks Cam & Simon. Let me run this by you to see if my thinking is correct on this. I am going to set up My site structure like this:
There is the site root (www.mydomain.com), and in the root I'll create two directories, one for my site files called mysite, and one for my database called mydb. I'll point my domain to the directory called "mysite". And I'll create a DSN for my DB (actually I'll tell my host where the DB is and they'll create the DSN for me. Being a novice I'm thinking that it works just like it would on a hard drive. Where c: drive would be the root and my two directories would be like C:/mysite and c:/mydb. The last problem I'm having is what do I enter in xdblocation in my config.asp? I know it would be a relative location, like ../mydb or someting like that. But I'm not sure how to write it out.
I can't thank you both enough. You and the others on this forum have made this journey a very pleasant experience for me. It's been a learn as I go project and everyone was eager to help. My field is recreational boat parts and accessories, so if anyone has any questions let em rip.
Thanks Again Jack PS Simon I installed your BigYellowZone Domain Tools Bolt On today and as I expected it's a great tool, You could charge twice as much for it and it would still be a fantastic value.Everyone using ssl should get this tool. |
|
|
devshb
Senior Member
United Kingdom
1904 Posts |
Posted - May 01 2007 : 03:31:52
|
hi, yes; I think your proposed structure is right, ie that you'd have something like this when you look at ftp: wwww.mydomain.com wwww.mydomain.com>mydb wwww.mydomain.com>mysite
then your dns would be setup in such a way that when people visit "mydomain.com" on their browser, that would equate to the physical directory of "wwww.mydomain.com>mysite"
yes, you'd use a relative location for your db file in shop$config.asp, so your xdblocation would be set to "../mydb" in the above example (you wouldn't need a slash on the end of that)
glad you like the domain tool; it's saved us and our clients a lot of dropped carts in the past, and made ssl implementation much easier.
Simon Barnaby Developer [email protected] www.BigYellowZone.com Web Design, Online Marketing and VPASP addons |
|
|
jayceew
VP-CART New User
USA
114 Posts |
Posted - May 03 2007 : 14:30:11
|
Hi All,
Thanks Again Simon,
I put my site up on the server and all seems to be OK. Going live this weekend. dredgeharbor.com Waiting for my domain transfer to kick in. Still have to add some images and descriptions, Add all my email accounts and do some SEO. But that's all LOL.
Thanks Again
Jack |
|
|
|
Topic |
|