XF 2.2 Can i change admin.php into something crypting.php?

hibiskus

hibiskus

Active member
Hey I wanted to ask if it would make any problem if I change the generic name admin.php to something like xn3qskdw9.php?
I am asking for security reasons, since that is a static point for black hats to try on.
I am not asking if this makes sense or not, simply if it would interfere or brake anything, which may rely on the naming of admin.php.
 
Last edited:
Sort by date Sort by votes
There is no reason to change it, as a determined attacker will find the new file name even if you name it 128 random letters.

A common approach is to secure it with a password.

xenforo.com

Protecting admin.php, the /install directory, and test & development installations using .htaccess

If you want to provide an extra layer of protection to admin.php, the /install directory, and test & development installations, you can do so with .htaccess authentication. Protecting admin.php To protect admin.php, edit the .htaccess file...
xenforo.com xenforo.com
 
Upvote 1 Downvote
He could also find out my password, but for that he has to first find out the file name.
Nothing is unattackable you can only make the effort higher.

Changing the filename from default name is out of question still an additional layer.
As specially this kind of layer will work against some many standard simple bot attacks.
But I like the idea very much to secure it with htaccess/apache additionally, thank you for the hint.

So you did not concretely answered to my question, so I can change for example to 128 random letters, without anything braking? :p
 
Upvote 0 Downvote
hibiskus said:
He could also find out my password, but for that he has to first find out the file name.
Nothing is unattackable you can only make the effort higher.
Click to expand...
Almost no one in IT believes in security through obscurity anymore. It delays the inevitable at best. Make sure all admin accounts have 2FA enabled and use the measures in the thread Ozzy posted about .htaccess. And use those even if you do rename it because those are what will protect you, not the rename.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

eL_
  • Question Question
XF 2.2 How can I change
Replies
8
Views
620
TPerry
TPerry
GW2
  • Solved
XF 2.2 Can I change Spam Cleaner default message
Replies
2
Views
503
GW2
GW2
Black Tiger
  • Solved
XF 2.2 Can I change use html in a post (or when editting)
Replies
1
Views
529
Paul B
P
spirogg
  • Solved
XF 2.2 I accidentally selected Yes to all administrative options and wanted to know how I can change it back
2
Replies
20
Views
1K
Paul B
P
Rom
  • Question Question
XF 2.1 How can I change the new message alert bell icon at the top?
Replies
6
Views
1K
ge66
ge66
Back
Top Bottom