i guess i just assumed the open source solution took care of security for credit cards, etc. via https. Are you talking about when someone enters their credit card info or for log in to the admin panel, etc.?
Overall, I hope the admin part isn`t too time consuming such as patches, etc. and I`d hate to re-do a lot of work! I`m going to have to research XHTML nd AJAX as those are definitely new to me. Great advice about the bots and spamming - I never would have thought of that or think I have to worry about them.
I do not agree totally with Profitizer. To admin a ZenCart site you do not need to know PHP. Just ask Janie - http://houseofjerky.net
(a ZenCart site).
As far as https: - SSL for your site. That is separate from the ecommerce program. You can run an ecommerce program with or without an SSL (although without an SSL you may lose customers). Once an SSL is installed, you would configure your ecommerce program to accommodate it. This is a simple matter to accomplish.
I think much of what Profitizer notes are vaild issues, but these would be addressed by an experienced web host and/or web designer. I have installed many ecommerce sites using fantastico. At times the program version available through fantastico may lack behind the current version, but ZenCart and other ecommerce programs do not change a lot - that is, there is not a new version every month or even every year.
Roland and Fred,
My main objective was to address what to consider in going the open source route.
I`ve installed many software open source packages both free and fee-based and in some of the more popular packages of all types, you`ll find community users complain that they have to apply a patch or upgrade for whatever reason (normally bug fixes and security) on a semi-regular basis. No software package is really immune. For Zen Cart, Roland seems to have answered at least that question for you.
You always want to enter into something with your eyes open versus finding out when it`s difficult, embarrassing and/or time-consuming to resolve. I`ve seen or read about that situation too many times over the years. And by the way, there are some very experienced webmasters and web hosts who don`t necessarily recommend installing older software versions just for that very reason (security and bug fixes) and I personally agree for my own purposes, but that doesn`t mean it shouldn`t be done. As Roland mentioned, it works fine for him.
As far as my mentioning PHP as an ability to have, typically, once the software is installed, most times, you don`t need to know PHP especially for those mature packages. It`s just that once you get into learning a software package, you are bound to find something you want to customize to better fit your business as one size doesn`t always fit all. Especially since you have a programming background, you`ll tend to look at things from a different perspective than those without that background.
Although I hear folks say quite often, "it`s so-and-so`s responsibility..." like a programmer, designer, employee, etc., the final responsibility rests with the business owner regardless. Therefore, if you go into having a website built and installed whether open source, template, or other, it is still up to you to make sure that patches get installed when there are some, especially for security and performance fixes. You`ll have much more to worry about if you experience an exploit by someone who has entirely too much time on their hands (which is usually how the developer finds out about security holes) or if your customer uses that software and a feature doesn`t behave properly and it had already been fixed in that later version that was available but not installed. You`ll find out much more by spending some time reading the software`s community forum threads to see many of the common issues and whether those issues are important to you.
That`s all I was trying to say. Just be aware of what you are embarking upon. Sometimes software looks quite easy and logical and seems right for an application, but as you peel away the onion skin, you`re eyes sometimes do water and you may find yourself really crying. If that happens, it`s preferred that it be early on so you don`t have to shut down your site or disable a software application whether temporarily or permanently to deal with that which should have been known up-front.
Good luck in your endeavor.
International Business Network, LLC. (IBNETLLC.com
* Buy Web Traffic (100% Human Targeted) at...
The Advertising Wall (.com) | VisitorsGalore.com
* Add Your Website Link to the LinkToUs.net Directory! (SEO backlinks)
* Website Traffic Repair (.com)
| * Health Care Statistics (.org)
| * Cardio Workout (.tv)