XF 2.2 How do I hide admin.php

D500hz

D500hz

Member
Hi can anyone help how do I hide for example: mydomain.com/admin.php? or make a security to it thank you
 
Sort by date Sort by votes
Upvote 0 Downvote
If you use Cloudflare, you can protect it upstream of your server before the HTTP requests even get to your server with their Zero Trust Network Access. It’s free if you have less than 50 people that need access (50 admins).

www.cloudflare.com

Access | Zero Trust Network Access

Secure your employee access with a faster and safer VPN alternative. Free for up to 50 users. See why IDC named us a Leader.
www.cloudflare.com www.cloudflare.com
 
Upvote 0 Downvote
I think you could rename admin.php too if you so required - or at least you used to be able to.

All rather redundant if you're using htpasswd or 2FA. Like putting a plaster on a knife wound.
 
Upvote 0 Downvote
digitalpoint said:
If you use Cloudflare, you can protect it upstream of your server before the HTTP requests even get to your server with their Zero Trust Network Access. It’s free if you have less than 50 people that need access (50 admins).
Click to expand...
I've done this. It works like a gateway where someone attempting to log in is stopped at the Cloudflare border with 2FA and isn't even touching my forums. Once past that, there is also the additional XF login to get to the admin panel.
 
Upvote 0 Downvote
James said:
I think you could rename admin.php too if you so required - or at least you used to be able to.
Click to expand...

That requires renaming the php file, editing a few templates, and an addition to the config.php file:

PHP: 
$c['router.admin.formatter'] = $c->wrap(function($route, $queryString)
{
   $suffix = $route . (strlen($queryString) ? '&' . $queryString : '');
   return strlen($suffix) ? 'new_admin.php?' . $suffix : 'new_admin.php';
});


James said:
All rather redundant if you're using htpasswd or 2FA. Like putting a plaster on a knife wound.
Click to expand...

Quite.
 
Upvote 0 Downvote
Tracy Perry said:
You can't "hide" it... but you can protect it.
xenforo.com

Protecting admin.php, the /install directory, and test & development installations using .htaccess

If you want to provide an extra layer of protection to admin.php, the /install directory, and test & development installations, you can do so with .htaccess authentication. Protecting admin.php To protect admin.php, edit the .htaccess file...
xenforo.com xenforo.com
If you are using nginx for your http server, it will require a different process.
Click to expand...
Thank you so much for the tutorials, it's now functioning!

1693939068111.webp
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

D
  • Question Question
admin.php blocked(hide) ip
Replies
3
Views
93
dutyfree
D
J
  • Question Question
MG 2.3 Can I hide the "meta-album" view when first entering "Media" area?
Replies
2
Views
35
joshg
J
securedme
  • Question Question
XF 2.2 where can I hide certain filter criteria?
Replies
1
Views
206
securedme
securedme
unproperlypropagated
How do I get this review system?
Replies
9
Views
199
unproperlypropagated
unproperlypropagated
Can
  • Question Question
XF 2.3 How do I make a dictionary page?
Replies
0
Views
32
Can
Can
Back
Top Bottom