Shop installation without SSH
Introduction
These installation instructions can only be used from PepperShop version 7.0.
These instructions are intended to enable anyone who does not receive SSH access to their web server from their provider to install PepperShop.
The installation requires the manual modification of files. PepperShop files are created with UNIX line breaks. On Windows computers they therefore look a little “‘funny”. We recommend using a suitable editor, such as the free programme Notepad++, then the files will be interpreted and displayed correctly.
In the past, we often received e-mails or forum posts telling us that this installation is unnecessarily complicated. We would like to orientate ourselves on projects that offer a web installer. We would like to emphasise once again that the PepperShop has a dynamic, easy-to-use installation tool that handles the entire shop installation menu. However, this installation tool requires SSH access. If you do not have Telnet / SSH access, you will have to do some manual work and work through the following instructions.
Overview
The installation can be divided into the following six sections:
- download the PepperShop source code
- edit the files to be customised
- uploading the customised shop database
- uploading the customised shop files to the web server
- customising the file access rights
- creating the access protection for the administration area
Initial situation / database setup
It is assumed that you want to install the shop with only one existing database user and an existing MySQL or MariaDB database. These steps can usually be carried out via the control panel of your hosting provider. It should be noted that the existing database user may also have rights that should be excluded by our security concept (GRANT, …)
What do I need to install this shop
To install the PepperShop with these instructions, you will need the following components:
- Source files of the PepperShop (v.7.0 or newer)
- A text editor such as (e.g. Notepad++, …)
- An FTP programme (e.g. FileZilla Client, …)
- A web hosting account with FTP access and the following support:
- PHP version 7.2 or higher (older versions are no longer compatible!)
- GD-Library (from version 2)
- The PHP function
inet_set
must not be blocked
- MySQL from version 5.6 (recommended 5.7, also possible MariaDB 10.2)
- Web server (Apache, …)
- PHP version 7.2 or higher (older versions are no longer compatible!)
Download des Source Codes des PepperShops
Download the current version of PepperShop via your account. Open the following website and enter your login details.
- PepperShop sales system: https://www.peppershop.com/shop/
After downloading, unzip the files into a directory. This now contains the directory
phpeppershop_src
, which contains the shop files. This shop is not yet ready for use. Some adjustments have to be made first.
Editing the files to be customised
There are several files in the phpeppershop_src/template/
directory. Here we first want to customise the SQL files. These are responsible for creating and deleting the shop database in the MySQL server.
File: template_create.sql
Delete all lines from and with {nomakeuser} to and with {nomakeuser}. (would be responsible for the user creation of the automated Telnet/SSH setup config.pl
).
Replace all {shop_db} with the name of the already existing database. Attention: The curly brackets must also be replaced! E.g. {shop_db} then becomes db1651. Also replace the other curly brackets with the corresponding values. ({shopadmin}, {host-name}, {shopadminpwd})
File: template_insert.sql
Replace all {shop_db} with the name of the existing database. Attention: The curly brackets must also be replaced! Replace as in the file template_create.sql
.
File: template_del_tables_only.sql
Delete all lines from and with {nomakeuser} to and with {nomakeuser} (would be responsible for deleting users in the automated Telnet/SSH setup).
File: config_admin.inc.php
Now the directory must first be changed: In the following directory you will find the next file to be customised: phpeppershop_src
/shop/Admin/config_admin.inc.php.
In this file, you must enter the database data that you have received from your hosting provider’s control panel. The following entry is used here by default:det:
$config_admin['db']['host']= '{hostname}';
$config_admin['db']['db_name']= '{shop_db}';
$config_admin['db']['username']= '{shopadmin}';
$config_admin['db']['password']= '{shopadminpwd}';
Instead of {hostname}, you should enter the computer name on which MySQL is running (e.g. localhost or database.mydomain.com). The identifier {shop_db} is replaced by the name of the existing database. Finally, replace {shopadmin} with the name of the existing database user. The password of the database user is meant by {shopadminpwd}. Example data:
$config_admin['db']['host']= 'localhost';
$config_admin['db']['db_name']= 'db1651';
$config_admin['db']['username']= 'db1651_user';
$config_admin['db']['password']= 'abc345def-K';
The curly brackets must also be replaced, but not the inverted commas!
Import shop database
Using a tool such as phpMyAdmin or another programme, you can now import the two edited files template_create.sql
and template_insert.sql
(directory peppershop_src/template/
) into the database on your hosting provider’s server. Most hosting providers offer phpMyAdmin as an online database administration system.
Note: Before you import the files, we would like to point out that the commands in the files should only be executed once. Please do not click OK twice, wait a little. If, contrary to expectations, error messages do occur, you must first run the file template_del_tables_only.sql
before you can try again with template_crea-te.sql
and then template_insert.sql
.
Now that the database has been successfully uploaded and the shop data has been customised, we can upload the shop files to the web server and move on to point 7.
Info: Uninstallation
If you want to uninstall the shop again, you have to execute the file template_del_tables_only.sql
in the same way. This will delete all tables used by the PepperShop. Attention: ALL data will be lost if a backup has not been created and saved!
Upload the customised shop files to the web server
To upload the shop to the web server, you should use an (S)FTP programme. A free, robust FTP programme is the FileZilla client: http://filezilla-project.org. You should upload the entire directory peppershop_src
and then rename it (e.g. to shop). The name of the directory can be seen later in the URL. Example: http://www.meinserver.de/shop/. If you want to call up the shop without a subdirectory, please only upload the contents of the peppershop_src
directory.
Customise the file access rights
If PepperShop is running on a web server where special file access rights must be set (UNIX/Linux/MacOS-X + PHP as web server module), then these must be set correctly.
The easiest way to adjust the file permissions is with the automatic script. Call this as follows:
www.yourdomain.ch/shop_directory/shop/Admin/shop_authorisation_clean.php
Backing up the database data
The directory peppershop_src/template
must be given the file access right 700. All files in this directory must be assigned 600. This is so that no unauthorised person can see the database details. Alternatively, this subdirectory can also not be loaded onto the web server at all.
Clean up data using a cron job
A periodically started call should be set up for the PepperShop, which carries out daily tasks (clean-up work, queue forwarding, subscription processing, etc.). Among other things, the database is cleaned and cache entries that are no longer required are emptied. On UNIX/Linux systems, for example, you can use a cron job with the following command:
5 0 * * * cd {shopdirectory}shop/Admin/; php garbage_collection.php commandline
If no CRON can be used, an HTTP[S] call to the following file is also possible:
http[s]://{www.yourdomain.tld}/{webshop_directory}/shop/Admin/garbage_collection.php
Creating protection for the administration area
The administration area must be password-protected so that it cannot be accessed by anyone.
a. Hosting provider tool
Nowadays, it is common for the provider to provide a tool with which you can create and manage so-called directory access protection for any directory in your own web account. You can now use it to activate protection for the directory {shopver-directory}/shop/Admin
create.
b. Manual directory protection
In the event that the provider does not provide a tool of this type, the enclosed tool SHOP_HTACCESS.php
can be used to create protection. It uses a .htac-cess
and a .htpasswd
file, a ‘functionality’ of the Apache web server. If a Microsoft® IIS or other server is used, the hosting provider must be contacted regarding directory protection.
If the shop runs as a web server module under UNIX/Linux, we give the directory {shopver-directory}/shop/Admin
shopver directory temporary the access right 777.
We open the following file in our browser:
www.yourdomain.ch/{shopdirectory}/shop/Admin/SHOP_HTACCESS.php
Attention: Note that this is case-sensitive. We can now generate our .htaccess protection here. Once this has been processed, the access rights of the admin directory must be reset to 755. There are no UNIX access rights under Windows - simply ignore them.
What to do in case of an error message
If you have tried to set up htaccess protection and then receive a ‘500 Internal Server Error’ error message, the creation of the .htaccess protection has not worked as desired. This is usually due to the fact that you want to use advanced htaccess protection but the web server does not support this functionality. Be that as it may. To delete the faulty .htaccess protection, simply delete the two files .htaccess
and .htpasswd
in the Admin
directory. The dot in front of the file name means that the files are considered ‘hidden’. If you do not see them in the FTP tool, you should search for the corresponding setting.
Further security aspects
The .htpasswd
file should not be located in a web-accessible directory. You should store this file outside the web directory and adjust the path in the .htaccess
file accordingly. By default, it is located in the folder:{shop directory}/shop/Admin/
.
We would also like to point out that .htaccess
in Basic
mode accepts the password input unencrypted and therefore insecure. However, many web servers cannot (yet) handle the advanced setting (corresponds to the digest method).
The shop is now ready for use, the first steps guide will help you to proceed with PepperShop Onlineshop. Have fun!
Further help
Do you need further support? PepperShop provides you with various options.
- It often helps to click on the question mark icon in the top right-hand corner of the administration. Here you can get direct help on the topic in question.
- Various answers can be found in the FAQ. These can also be accessed in the shop administration via Help&News -> Help archive. Or via our homepage https://www.peppershop.com/de/services/support/faq/
- In the PepperShop Academy https://www.peppershop.com/de/services/academy/ you can easily and conveniently find various free video tutorials.
- We are also happy to help you by e-mail or telephone (CHF 185./h) support@glarotech.ch or +41 71 923 08 58