• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Best Way to Secure Your AdminCP

#1
Weatherz submitted a new resource:

Best Way to Secure Your AdminCP (version 1.0) - Learn How to Secure Your AdminCP by IP Whitelisting

I have found that this is the absolute best way to secure your AdminCP. It's a simple code that is added to the top of your admin.php file.

Basically what it does, is if a person's IP address isn't whitelisted, it automatically redirects them to any chosen URL, which is impossible to get passed (unless editing the file obviously)

This isn't very practical if your Administators log in from several different IP's or their IP's change frequently, so make sure you talk it over with anyone that...
Read more about this resource...
 
F

Floris

Guest
#4
I was hoping this would also include .htaccess / .htpasswd instructions for Apache users to protect the admin.php file. Here's a site I use to create a user/pass .htaccess / .htpasswd file for admin.php http://www.tools.dynamicdrive.com/password/

Also, for security reasons, it is a good policy when you are about to upgrade, that after you have backed up to change the administrator password, and to check your config.php; Make sure debug is turned off for example.