The Security options section can be used to define the encryption method for your order emails, enable Blowfish encryption, set up a filter for the extensions of files that can be uploaded to the server, etc.
Click on General settings in the Administration menu, then select Security options from the section menu.
Set the options below:
• Order emails encryption method: Select the appropriate method for order emails encryption from the drop-down box (None, PGP, GnuPG).
• Comma separated list of file extensions disallowed for uploading: Enter a comma separated list of the file extensions (e.g. php, pl, cgi, asp, exe, com, bat, pif) that must not be uploaded to the server.
• Check if payment gateway response is coming from the IP's specified here (enter a comma separated list): Enter a comma separated list of IP addresses from which payment gateway responses can be accepted.
• Blowfish encryption method is enabled: Select this check box if you are going to use the Blowfish encryption method.
Click on Save.
(If you have selected 'Blowfish encryption method is enabled' option) Use the 'Add merchant key' section to provide a new merchant key. Enter the key a second time for confirmation. Click on Submit Query.
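One way a check against the 'file extensions disallowed for uploading' list can work, as an added example that is not X-Cart's own code. The function names and the matching rules (case-insensitive, every dot-separated segment checked, trailing dots and spaces ignored) are assumptions; the sample list is the one from the option description above.

```php
<?php
// Added example, not X-Cart code. Function names and matching rules are assumptions.

/** Parse the comma separated setting into a normalized set of extensions. */
function parse_disallowed(string $setting): array
{
    $set = [];
    foreach (explode(',', $setting) as $ext) {
        $ext = strtolower(trim($ext, " \t\n\r."));   // "  .PHP " -> "php"
        if ($ext !== '') {
            $set[$ext] = true;
        }
    }
    return $set;
}

/**
 * Return true when any dot-separated segment after the base name is on the
 * deny list. Checking every segment, not only the last one, also rejects
 * names such as "report.php.jpg", which some web server configurations
 * still pass to a script handler.
 */
function is_upload_disallowed(string $filename, array $disallowed): bool
{
    // Keep only the final path component; drop NUL bytes and the trailing
    // dots and spaces that Windows strips when the file is written.
    $name = basename(str_replace("\\", '/', $filename));
    $name = strtolower(rtrim(str_replace("\0", '', $name), " ."));

    $segments = explode('.', $name);
    array_shift($segments);                 // the first segment is the base name
    foreach ($segments as $segment) {
        if (isset($disallowed[trim($segment)])) {
            return true;
        }
    }
    return false;
}

// Constructed sample input: the list from the option description above.
$deny = parse_disallowed('php, pl, cgi, asp, exe, com, bat, pif');
foreach (['photo.jpg', 'Shell.PHP', 'report.php.jpg', 'setup.exe. ', 'notes.txt'] as $f) {
    printf("%-16s %s\n", $f, is_upload_disallowed($f, $deny) ? 'rejected' : 'accepted');
}
```

A deny list only blocks the extensions it names, so the list entered in this option has to cover every extension the web server is configured to execute.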

The Blowfish encryption method can be used to ensure a more secure encryption of the details field in the xcart_orders table.
By default, Blowfish encryption is disabled. It can be enabled in the 'General Settings/Security options' section of the admin interface. When the administrator attempts to enable this option, he is transferred to the page where a new Merchant key for Blowfish can be entered. On this page the administrator is required to enter the desired new password and to confirm it. If all the requirements are met (the password is at least 6 characters long and the password confirmation is correct), the new password is created. Only after that is the Blowfish encryption option actually enabled. Please note that the password itself is not saved in the system. Instead, its MD5 signature is saved to the xcart_config database.
Initially, when an order is placed in the database, it is encrypted with the standard encryption method. If the administrator wants to use the Blowfish encryption method, he enters his Merchant key in the admin interface. At this point all the orders that have not yet been encrypted by Blowfish are recrypted with this password according to the Blowfish method. The next time the shop administrator wants to view the encrypted details fields, he will not be able to do so without entering the Merchant key.
The administrator has the ability to change his Merchant key. After he enters the existing valid Merchant key in the admin interface, all the encrypted details fields are decrypted. Then the administrator goes to the page where the Merchant key can be changed and changes it. When the administrator then enters the new key in his interface, all details fields are recrypted with the new password.
admin/post_recrypt.php is an interface that can be used for remote recrypting of the details fields from the standard encryption method to Blowfish. It sends a POST request via the HTTPS protocol to the script that does the recryption, transmitting the Merchant key in the merchant_password parameter. It can be called from the command line (for example: php post_recrypt.php merchant_password=test). It can also be called from the browser, in which case the Merchant key is transmitted through the merchant_password GET parameter. The third way of transmitting the Merchant key is to include it in the script code. It is the most secure way of sending the password, as it will not appear in the command line or in the browser.
If the administrator disables Blowfish encryption (which is possible only if a valid Merchant key is entered), all details fields are recrypted back to the standard method.
With Blowfish encryption, a CRC32 checksum is added, which is used later on to check whether the data has been decrypted correctly.