====== Installing Via FTP ======

====== Installation Background ======

== Upload the /catalog and sub-directories to your server.==

The files and directory structure must be uploaded to your web server. This can accomplished in several different ways. Use whatever method is most familiar to you, i.e., unzipping the zip archive to your local computer and using your favorite FTP program to upload those files, or using SSH to tar/unzip on your server to avoid the tedium of downloading and re-uploading.

The files can be uploaded to the document root, or any other subdirectory, like /catalog.

<note>
Note: If you are using FTP to upload files, you must upload all PHP files in ASCII mode, not binary. In our examples, we upload the files to the /catalog subdirectory.</note>

If you have never looked at the oscommerce archive before, the basic directory structure looks like this:
<file php>
         osCMax.zip
               /catalog
                  /admin
</file>

First, upload the /catalog directory and all the directories and files it contains to your document root (public_html or www). When you are finished uploading, your basic directory tree should look like this:

<file php>
             /public_html
                /catalog
                    /admin
                         /images
                         /includes
                    /download
                    /images
                    /includes
                    /install
</file>
===== Setting the Permissions =====

<note important>Set the permissions on /catalog/includes/**configure.php** and /catalog/admin/includes/**configure.php** to **chmod 777** if on a Unix/Linux system.  (Please note there are two files to do here.)</note>

Setting file permissions correctly will allow the installation script to write to the configure.php files. So, after they are uploaded you can use telnet, ssh, or your favorite FTP client to set the file permissions. CHMOD 777 will set the correct permissions for installation. 

<note tip>For osCMax 2.0.15, see the warning on the main [[installation]] page</note>

===== Setting up your database =====

Using phpMyAdmin or other tool, create your database and user, and assign that user to the database.

This section provides instructions using phpMyAdmin to create a database and user, and assign that user to the database. These steps are necessary BEFORE you run the install script. 

<note>Note:You do not need to create the database beforehand if your MySQL account has permissions to create new databases.</note>

  - On the opening screen of phpMyAdmin, under the MySql heading, you will see a text box. Enter the name of your database here, and click the **create button**. This creates your database.

{{:wiki:phpmyadmin.png?750}}

  - Click the **Home link** in the left frame. Then click the **users** link. 
  - On the next page, select the database that you want to assign this user to. Enter the host name (usually localhost), enter the username, and password. Check all the privileges available and click go. This creates the user and assigns the user to the correct db.

<note>Note: Many virtual hosts do not allow this type of access through phpmyadmin, and instead provide you with another way to create your databases and users through your hosting control panel. Check with your host.
</note>

====== Running the install script ======

===== Start Installation =====

  * Open your browser of choice - (I would recommend using **Firefox**)
  * Type **http://yourserver.com/catalog/install/index.php** into the URL bar - obviously, you need to swap yourserver.com to your actual server!
  * You should now see this screen.

==== **Screen 1** ====

{{ :wiki:wamp3.png?750 }}

  * Click **Continue**

==== **Screen 2** ====
  * Fill out all your Database Server information on this page
  
{{ :wiki:wampstep1.png?750 }}

  * Click the **Continue** Button
  * You should see the yellow box (bottom left) change to say "The database structure is now being imported.  Please be patient during this procedure."
  * You should now see the yellow box change to say "Database imported successfully"

{{ :wiki:wampstep2.png?750 }}

==== **Screen 3** ====
  * The information should be pre-populated for you - please check it is accurate.
  * Click **Continue**

{{ :wiki:wampstep3.png?750 }} 

==== **Screen 4** ====
  * Enter the information you want for the admin section
    * **Store Name** :: Your store name
    * **Store Owner First Name** :: Your first name
    * **Store Owner Last Name** :: Your last name
    * **Store Owner's Email Address** :: Your store email address
    * **Administrator Username** :: Your login username
    * **Administrator Password** :: Your login password (do not lose this!) {{ :wiki:wampstep4.png?750 }}
\\

<note important>Next, the install script will attempt to access your configure.php files. If the permissions are wrong, you will get error messages, and a "Retry" button. Set the permissions correctly and retry.</note>

==== **Screen 5** ====
  * FINISHED!
  * Click on **Catalog** or **Administration Tool**
{{ :wiki:wampstep5.png?750 }} 
  

====== Secure your new site ======

Please ensure that you read everything in this section and also this page on [[setting up security.]]

<note important>
Re-set the permissions on **/catalog/includes/configure.php** and **/catalog/admin/includes/configure.php** to chmod **444**</note>

**This is important to ensure security of your configuration.** CHMOD 444 the above files. This can be done through telnet, ssh, or an FTP client. If on a Windows server, you will need to right click the configure.php files and select 'properties' in the context menu. Once on the properties page, check the 'Read Only' checkbox, click Apply, and OK.

\\

The most common cause of hacks is code inserted into unprotected files and folders.

  * Folders should be CHMOD to a maximum of **755**.
  * Files should be CHMOD to a maximum of **644**.
  * Both configure files should be a maximum of **444**.

However, if you are using **suPHP** on your server (ask your host if you are not sure or run this [[suPHP check]]) then ...

  * Files should be CHMOD to a maximum of **600**.
  * Both configure files should be a maximum of **400**

<note tip>If you are a slightly more advanced user you can use a tip from Michael_S for setting this directly on the server.

These commands can be run from the linux command line or from an executable file via cronjob.


Here is the command run to set all directories:

**''find . -type d -exec chmod 755 {} ;''**

Here is the command run to set all php files:

**''find . -type f -name "*.php" | xargs chmod 644''**
</note>


With this permissions configuration, it is not secure to keep backups on your server. You should download the backup to your local computer, and never store the backup on the web server.
**Optional** Password protect your /catalog/admin dir using .htaccess

===== Securing your admin directory =====

Your admin section should be password protected. The easiest way to do this is to use .htpasswd and .htaccess to secure the directory. If you are not sure how to do this, please follow the procedure outlined below:

    * Add this code to your .htaccess file
<file php>
          AuthType Basic
          AuthName "Locked Area"
          AuthUserFile /home/youraccount/.htpasswds/admin/passwd
          require valid-user
</file>
    * Next, create your .htpasswd file. There are several ways to do this, but here is a non-linux users way: go to this web site http://www.kelv.net/programming/htaccess/ and follow the instructions!

See Also [[.htaccess Instructions]] and [[setting up security]]
Add to your DirectoryIndex statement and include the following : index.php This can be done in the Apache httpd.conf file if you have root access, or can be done in an .htaccess file in your /catalog dir.

===== Controlling the index page of your site =====

This is the .htaccess method for adding the **DirectoryIndex** statement.

  - Create a plain text file using a **text editor**.
  - **Add** this statement : DirectoryIndex index.php index.htm index.html
  - **Save** the file as .htaccess (note the period before the h)
  - **Upload** it to your /catalog directory

This tells the server to look for index.php as the index page in the /catalog directory, so you can access your catalog by the url http://www.yoursite.com/catalog/ instead of having to include the filename like this http://www.yoursite.com/catalog/index.php.

===== Remove the install directory =====
<note warning>
**Delete your /catalog/install directory**</note>

**Congratulations**, you have completed all the necessary steps to successfully installing osCMax on your web server. You should be able to access your catalog at http://yoursite.com/catalog and your admin at http://yoursite.com/catalog/admin.

===== Default Login =====

<note important>**From v2.0.2 onward this is the information you provided on Screen 4 during the install** - ie. you //were// paying attention :-x</note>

== You are now ready to login to the admin panel for the first time. ==

Only if you are __running v2.0.2 or before__ go to : http://www.yoursite.com/catalog/admin/ where you will be presented with a login screen. 

If you are installing an old version of osCMax (which you shouldn't) then:

  * The default, preconfigured login is: 
    * User name: **admin@localhost.com** 
    * Password: **admin** 

  * It is advised that once you login, you immediately change these credentials to something that only you know. See this document for instructions on how to do this: [[changing_the_default_admin_login_and_password | Changing Default Login]]