• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
Protecting admin.php and the install directory using .htaccess

Protecting admin.php and the install directory using .htaccess

Brogan

XenForo moderator
Staff member
#1
Brogan submitted a new resource:

Protecting admin.php and the install directory using .htaccess (version 1.0) - Stop those annoying skiddies.

If you want to provide an extra layer of protection to admin.php and the /install directory, you can do so with .htaccess.


Protecting admin.php
To protect admin.php, edit the .htaccess file which is in your forum root directory (e.g. /community) and add the following to it:
Code:
<Files admin.php>
AuthType Basic
AuthName "ACP"
AuthUserFile "path/to/passwd/file"
Require valid-user
</Files>
The "path/to/passwd/file" will look something like...
Read more about this resource...
 

Cool

Active member
#2
just for all wich don´t know exatctly how to ip-protect:
Code:
<Files admin.php>
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ???.???.???.??? # set your ip here
</Files>
 

Ryan Kent

Well-known member
#3
I have a dynamic IP but it normally varies only slightly. Is there a wildcard char that can be used? Would something like 159.254.???.??? work? I know it is not 100% secure but it should be solid enough for my purposes.
 

WoodiE

Well-known member
#6
Good advice, I've been using htaccess to control my wordpress, vbulletin, and XF access based on IP, works great!
 

Martyn

Active member
#7
Not bad but i recommend using this one! ( works good )
Code:
<Files admin.php>
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} !^120\.0\.0\.1
RewriteCond %{REMOTE_HOST} !^123\.45\.56\.789
RewriteCond %{REQUEST_URI} !/index\.php$
RewriteRule .* /index.php [R=302,L]
</Files>
that way rather then giving the person and error, it just redirects them back to the home page.... :)

please "Like" if you use! :)
 
#15
hey guys, it doesnt work for me, i tried all of them...

Not Found

The requested URL /cpanel was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
 

Digital Doctor

Well-known member
#17
Hmmm ...
I tried my other godaddy account and it didnt work either.
It looks like cpanel is an OPTION in godaddy.
The shared hosting account doesnt seem to have cpanel, whereas the virtual dedicated account does have cpanel.
Godaddy has their own cpanel ... just log into godaddy.com to access it.
IMO, cpanel is better than what godaddy provides.