Security by obfuscation is ineffective IMHO.I'd assume that the admin.php file can be renamed... (assuming that references to admin.php in the code are done via a PHP variable similar to vBulletin). You could make it as inconspicuous as faq.php with some generic FAQ text for unauthorised users or you could even rename it 404.php then add some extra security like showing a 404 page if the user's usergroup isn't admin...
possibilities are endless!
People on bad hosting don't have .htaccess != People who don't have .htaccess are on bad hostingBut that wasn't what you said:
I think he was just playing.People on bad hosting don't have .htaccess != People who don't have .htaccess are on bad hosting
There are hosts out there that, although they run on Apache, don't allow their shared hosting customers to use .htaccess files.
Or to put it another way:
It's always cold when it snows. But that doesn't mean it always snows when it's cold.
Mimicry of other posts is ineffective as well.Security by obfuscation is ineffective IMHO.
Yes, and like all black-and-white arguments, this one is getting pretty stale.Trying to accomplish security through obscurity?