Open Cart Security

  • Answered

We are currently developing our website based on Open Cart. I have a jewelry Business.
One of my main concerns about Open cart is it being open source and how secure will it be.

We are planning to invest in SSL as well, but not sure if it is needed as the moment a customer goes to checkout, he moves out to another website for payment.

Please guide me through this.

Thank You
Hello Akhil,

OpenCart is neither less secure, nor more secure than any other ecommerce solution out there. Programs, whether Opensource or not, are all inherently vulnerable to the same things. Hackers learn the file structure and test whether the code is susceptible to different probes to access data or insert malicious code.

Staying current with the program version is key, as that means you are up to date with any security updates that were recently implemented. Also, renaming the Admin folder, removing the Install folder, and having proper index files in all subfolders to prevent any file snooping is recommended. These are all very simple to do, but most people fail to do them, which makes it easier for a hacker to get inside.

Again, these vulnerabilities are common to almost all programs, open source or not, and should be addressed no matter which ecommerce solution you decide on.

You are also correct in that SSL is not needed if you are redirecting the visitor to a secure location for checkout. SSL simply encrypts data going to and from the site and has nothing to do with the above vulnerabilities mentioned.

I hope this answers your question. If you have any more questions or information specific to the issue please leave a comment below so we can further assist you.

Best Regards,
Scott M