Securing your AbanteCart online store is an important step in protecting your business and customers’ data. In some countries, laws govern the use and protection of customer data, which you should be aware of when trading online.
AbanteCart’s Encryption Data Manager hardens your store’s online security. The extension ensures that information such as customer addresses, emails, phone and credit card numbers are encrypted before transmission. An encryption key can be stored securely, preventing access to customer data in the event of a security breach.
Enabling secure encryption in AbanteCart is an advanced feature that requires you to edit PHP files on your server. Once the extension is enabled and your data encrypted, there is no undo option and Encryption Data Manager cannot be disabled.
Be aware of the following notes before you decide to encrypt your data:
- Keep your security keys in a secure location with restricted file permissions for root and Apache (web server).
- Back up your keys in a remote secure location. Lost keys may result in a loss of all data.
- AbanteCart does not offer key expiration management. Keys must be manually rotated to optimize security (see steps below).
- A search on encrypted user data will not work once that data has been encrypted (for example, searching for customers by address, phone number and so on).
Use the following steps to guide your configuration.
Install the Encryption Data Manager extension
In your AbanteCart administration dashboard, install the Encryption Data Manager extension at Extensions > All Extensions. Scroll down the list of extensions and press the Play button to install.
Once installed, set the Extension status to On.
Configure the key storage location
Log in to your HostPapa Dashboard and then head to My cPanel.
Now select File Manager.
Navigate to your AbanteCart folder and find the /system/config.php file. Highlight the file and select Edit from the top command bar.
If you are asked to confirm Encoding settings, leave the default option in place and click Edit.
Add the following lines to the file, changing ’/path/to/keys/’ to the location in which you wish to store your encryption keys on the server. If you do not change this path, a default path of /system/keys/ will be used.
define('ENCRYPTION_KEYS_DIR', '/path/to/keys/');
define('DATA_ENCRYPTION_ENABLED', true);
Click Save Changes to continue, but don’t close the cPanel File Manager yet, as we have an additional line to enter shortly.
Generate a new encryption key
Back in the AbanteCart admin dashboard, head to Extensions > All Extensions > Encryption Data Manager and click the Edit button to configure your settings. Then click the Additional Settings tab.
Scroll down to Generate Key Pair and enter some text in the Unique key pair name field. Do not use spaces or special characters. Now click the Generate Key Pair button. Your encryption keys will be shown on screen.
Head back to the cPanel File Manager and paste the following line into your /system/config.php file. Change ‘your_key_name’ to the Unique key pair name you entered in AbanteCart previously.
define('DATA_ENCRYPTION_KEYPAIR', 'your_key_name');
Click Save Changes to continue.
Encrypt all data
With the encryption keys now generated, you can proceed to encrypt your data. To do so, in the AbanteCart Encryption Data Manager’s Additional Settings tab, click the Encrypt Data button. You can choose to run encryption in a Test Mode first and to Remove source data once the process is complete.
Your data will now be encrypted.
Require customer login name to prevent duplicate accounts
Now that your customer data is encrypted, you may need to change your checkout settings to prevent duplicate accounts being created. Head to System > Settings > Checkout and set the Require login name option to ON.
Rotate key pair
It’s a good idea to rotate your key pairs once in a while to further secure your customer data. To do so, first generate a new key pair using the instructions detailed above. Be sure to edit the AbanteCart config.php file with your new unique key pair name.
Head to Extensions > All Extensions > Encryption Data Manager and click the Edit button to configure your settings. Then click the Additional Settings tab.
Under Encrypted data records, use the dropdown menu to select your new key name and click Encrypt data.
Your data will be re-encrypted using the new keys.
For further questions or if you need help, please open a support ticket from your HostPapa Dashboard. Follow this link to learn how.
