Amaury
Well-known member
On vBulletin, but not on XenForo.
That is incorrect.
zoldos
Well-known member
I deleted my install folder and everything works great, XF 1.4.6....
rafass
Well-known member
Run File Health Check. ACP -> Tools -> File Health Check
/
Great tips, all protected now, Thanks Brogan!
Vet
Member
When I try to password protect the directory, it now requires a pass for public access to the entire forum. How do I protect only for admin?
Code:
# Mod_security can interfere with uploading of content such as attachments. If you
# cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
# SecFilterEngine Off
# SecFilterScanPOST Off
#</IfModule>
ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 405 default
ErrorDocument 406 default
ErrorDocument 500 default
ErrorDocument 501 default
ErrorDocument 503 default
<IfModule mod_rewrite.c>
RewriteEngine On
# If you are having problems with the rewrite rules, remove the "#" from the
# line that begins "RewriteBase" below. You will also have to change the path
# of the rewrite to reflect the path to your XenForo installation.
#RewriteBase /xenforo
# This line may be needed to enable WebDAV editing with PHP as a CGI.
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
</IfModule>
AuthName "ACP"
<Files admin.php>
AuthName "ACP"
AuthUserFile "/home/***redacted***/.htpasswds/public_html/forum/passwd"
</Files>
Last edited:
Vet
Member
Talk about a blaring oversight. Issue resolved. Thanks again for taking the time to help me out on this.
Martok
Well-known member
Here's a guide to doing so in Plesk 12.
Customer's Guide, Plesk 12.0
Personally I prefer to create the passwd file myself using this Htpasswd Generator – Create htpasswd - Htaccess Tools and uploading it via ftp.
Customer's Guide, Plesk 12.0
Personally I prefer to create the passwd file myself using this Htpasswd Generator – Create htpasswd - Htaccess Tools and uploading it via ftp.
kibi
Member
Thanks for hint Martok! 
You are right - Htpasswd Generator is better!
By the way, how to add the following code with IP protection for admin.php?
So we have psw protection + IP filter for file admin.php also
<Files "admin.php">
AuthType Basic
AuthName "ACP"
AuthUserFile "/path_to_folder/.htpasswd"
Require valid-user
Order Deny,Allow
Deny from all
Allow from localhost
Allow from 127.0.0.1
Allow from x.x.x.x
Allow from x2.x2.x2.x2
Allow from x3.x3.x3.x3
</Files>
You are right - Htpasswd Generator is better!
By the way, how to add the following code with IP protection for admin.php?
So we have psw protection + IP filter for file admin.php also
<Files "admin.php">
AuthType Basic
AuthName "ACP"
AuthUserFile "/path_to_folder/.htpasswd"
Require valid-user
Order Deny,Allow
Deny from all
Allow from localhost
Allow from 127.0.0.1
Allow from x.x.x.x
Allow from x2.x2.x2.x2
Allow from x3.x3.x3.x3
</Files>
Bob_R
Active member
Let's see if I have this correct for IP protection.
This is added to the already existing .htaccess in the root. Add this where in the root? Beginning, end? Does it matter?
And for install create a .htaccess
Of course replace 127.0.0.1 with your own IP.
Did I say this correctly?
This is added to the already existing .htaccess in the root. Add this where in the root? Beginning, end? Does it matter?
Code:
<Files admin.php>
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Files>And for install create a .htaccess
Code:
Order Deny,Allow
Deny from all
Allow from 127.0.0.1Of course replace 127.0.0.1 with your own IP.
Did I say this correctly?