System

Version

5.5.0 or newer

Table of contents

Introduction

In this article you will receive useful informations in terms of the system-tab in the Shopware backend settings. Here we explain in detail the topics service, input filter, backend, passwords and log.

Service mode

Shopware gives you the opportunity to activate a closure mode for the frontend. If activated the complete frontend is not reachable except for the excluded IP`s which have to be saved in the field IP excluded from closure.

Deactivate frontend

To do this, you need had to change two settings in the backend. You can call this function in the basic settings at the menu entry System > Service. Activate the closure by setting Closure shop due to maintenance to Yes.

To find out your IP, some external sites offer a special service (E.g. http://www.whatismyip.com/). After you have copied your IP, save it in the field IP excluded from closure: (2). If more than one IP is allowed to enter the frontend, you can enter another IP in the field. In this case use a space as a separator of the ip addresses like this: "192.168.178.100 192.168.178.101". The entry could look this:

 

How can I customize the maintenance text in the frontend?

The maintenance text which is displayed in the frontend, can be easily modified in the snippet management. Open the snippets module in the backend under Configuration > Snippets and edit the needed snippet:

SnippetDescription 
ServiceHeaderNot available due to maintenance! 
ServiceIndexTitleNot available due to maintenance! 
ServiceTextDue to maintenance work, the shop is temporarily not available. 

After modifying the snippets you have to save the changes and clear the shop cache. The snippet supports HTML formatted text and embed images. This means you can also place images into the snippet.

Input filter

Shopware has a few machanisms by default to protect you from attacks.

  • SQL-Injection protection
  • XSS - Protection
  • RemoteFileInclusion protection
  • Own filters

Here you can define a own regex for the InputFilter. Matching request variables won't reach the shop.

The separator is "|".

The regex has to be constructed by the follwong example:


 
javascript:|src\s*=|on[a-z]+\s*=|style\s*=
 

You should only configure this, when you know what you're doing!

Use strip_tags globally

When you activate this, each form input in the frontend is filtered with strip_tags.
This function filters HTML- and PHP-tags for input forms in the frontend.