• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Changing the admin URL?

Jake Bunce

XenForo moderator
Staff member
#8
Ok. This requires getting into the code. This is the relevant code:

library/XenForo/Link.php

Code:
	public static function buildAdminLink($type, $data = null, array $extraParams = array())
	{
		$type = self::_checkForFullLink($type, $fullLink, $fullLinkPrefix);

		$link = self::_buildLink('admin', $type, $data, $extraParams);
		$queryString = self::buildQueryString($extraParams);

		if ($queryString !== '' && $link !== '')
		{
			$append = $link . '&' . $queryString;
		}
		else
		{
			// 1 or neither of these has content
			$append = $link . $queryString;
		}

		if (($hashPos = strpos($type, '#')) !== false)
		{
			$append .= substr($type, $hashPos);
		}

		$outputLink = 'admin.php' . ($append !== '' ? '?' : '') . $append;
		if ($fullLink)
		{
			$outputLink = $fullLinkPrefix . $outputLink;
		}

		return $outputLink;
	}
You can see this line in there which specifies the file name:

Code:
$outputLink = 'admin.php' . ($append !== '' ? '?' : '') . $append;
If you change the file name here and then rename the file on your server then that will change the location of the Admin CP.

If you post a request in this forum then maybe some one can make an addon for this so you don't have to edit the files.
 

Forsaken

Well-known member
#10
Ya.. but regardless of software at all this is a good best practice.
Obscuring the URL will not stop someone from accessing your admin panel, as they would have already brute forced the pass, or they would have gained it some other way.

And unless you're intending to change the link in the moderation bar, they'd still know the URL in the end.

Using htaccess to secure the file, or limiting it to your IP only is more secure than changing the file name/location.
 

Brogan

XenForo moderator
Staff member
#11
You can always use .htaccess as Forsaken has suggested.

Set up the password file using cPanel and then enter this in your .htaccess file:

Code:
<Files admin.php>
AuthType Basic
AuthName "ACP"
AuthUserFile "path to passwd file"
Require valid-user
</Files>
Change path to passwd file to the actual password file path.

If you want to limit it to your IP address then use this:
Code:
<Files admin.php>
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Files>
Change 127.0.0.1 to your IP address.
 
#12
@brogan

The requested page could not be found.

I used
Code:
<Files admin.php>
AuthType Basic
AuthName "ACP"
AuthUserFile "/www/.htpasswd"
Require valid-user
</Files>
using cPanel.. any idea ?
 

Brogan

XenForo moderator
Staff member
#13
I can only assume the path to your password file is incorrect.

For reference, mine looks something like this:
AuthUserFile "/home/domain/.htpasswds/public_html/forum/passwd"
 

Slink

New member
#14
Do any of you know how to possibly change the admin URL?
Its easy.
Just change your admin.php to anyname.php

Now go to
Code:
/library/XenForo/Link.php
And find the following line
Code:
$outputLink = 'admin.php' . ($append !== '' ? '?' : '') . $append;
And change the 'admin.php' to 'anyname.php' .

And you are done.
Give me feedback. Is this worked for you?