Resource icon

Best Way to Secure Your AdminCP

Carlos B

Weatherz submitted a new resource:

Best Way to Secure Your AdminCP (version 1.0) - Learn How to Secure Your AdminCP by IP Whitelisting

I have found that this is the absolute best way to secure your AdminCP. It's a simple code that is added to the top of your admin.php file.

Basically what it does, is if a person's IP address isn't whitelisted, it automatically redirects them to any chosen URL, which is impossible to get passed (unless editing the file obviously)

This isn't very practical if your Administators log in from several different IP's or their IP's change frequently, so make sure you talk it over with anyone that...
Read more about this resource...


I was hoping this would also include .htaccess / .htpasswd instructions for Apache users to protect the admin.php file. Here's a site I use to create a user/pass .htaccess / .htpasswd file for admin.php

Also, for security reasons, it is a good policy when you are about to upgrade, that after you have backed up to change the administrator password, and to check your config.php; Make sure debug is turned off for example.