Protecting admin.php and the install directory using .htaccess

Protecting admin.php and the install directory using .htaccess

Compatible XF 2.x versions
  1. 2.0
  2. 2.1
  3. 2.2
If you want to provide an extra layer of protection to admin.php and the /install directory, you can do so with .htaccess.

Protecting admin.php
To protect admin.php, edit the .htaccess file which is in your forum root directory (e.g. /community) and add the following to it:
<Files admin.php>
AuthType Basic
AuthName "ACP"...
You do not have permission to view the full content of this resource. Log in or register now.
First release
Last update
5.00 star(s) 6 ratings

More resources from Brogan

Latest reviews

8 years after first being posted and this is still the first thing I hunt down when doing a new install. Okay so i've not done one in 5 years, but hey, great that it is still relevent.
Perfect! This tip was exactly what I was looking for to secure the APC.
Just one comment, it could be good to add in the description how to generate a salt hash password. The command I used was
perl -le 'print crypt("my_password", "salt-hash")'
This is an excellent article, tailored to the newbie's level of understanding. I learned how to: Use IP address based protection, from reading it. As they say, "An ounce of prevention, is worth a pound of cure!"
An excellent resource for anyone that might want to add an extra layer of protection to their admin panel and Install directory. Thanks for sharing this.
just what i needed.