Hi
With Joomla 3.6.4 and Virtuemart 3.0.18, everybody can add product in the frontend!
For Public, Guest and Registred ACL for "not allow".
In /components/com_virtuemart/views/virtuemart/tmpl, in file default.php, I add a # to not have the icon in the frontend
# echo $this->add_product_link;
But II like to know if there is another possibility
Regards
Was your website hacked before Joomla security fix ?
CHeck your perm settigns for Virtumart using YOURSITE/administrator/index.php?option=com_config&view=component&component=com_virtuemart, if all is right set.
to hide it, does not preven that someone may misuse it. We had that lately quite often and I think it is connected to the last joomla hack.
OK!
is it possible to activate desactivate the frontoffice for everybody
regard
check if you have been hacked first
then decide on what you do next
deactivating front office is no use if you are hacked
Hi,
My question is not "My site have been hack?"
But
How "disactivate VIRTUEMART Frontend acces?"
Regards
The second level question is : there is a backdoor (or more) in virtuemart?
QuoteFor Public, Guest and Registred ACL for "not allow".
which u already have.. I have seen one other site like this and I can only assume it was a malicious setting by a hacker
Found the solution by carefully comparing the ACL setup between a fresh install and the problem one .. and it was only config
The simplest hack is to modify file JOOMLAROOTt\components\com_virtuemart\virtuemart.php :
if ( shopFunctionsF::isFEmanager() ) {
to
if ( 1===0 ) {
Hi
I test the solution of Studio 42
Was it possible to change the parameter of isFEmanager() that is less brutal than 1===0 ;-)
For the ACL all is Not Allowed (inherent) for Public, Guest, Registred, Author, Redactot, Editor !
Regards
Quote from: glenanpl on December 24, 2016, 19:07:53 PM
OK!
is it possible to activate desactivate the frontoffice for everybody
regard
This is a safe way, if your site is hacked, this stop any front editing. So if you add .htpassword to admin, no hacker can acces your shop with a backdoor.
All aother way was explained by other but you said, you want completly disable front acces to VM.