• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Securing Admin.php

A

action

#1
Protect admin.php file by .htpasswd
Below there we guide you to create file .htpasswd on two common Hosting Controller now (Cpanel and Directadmin).
A. With cPanel:
  • Logging into cPanel
  • Choose "Password Protect Directories" >> "Web Root" >> Choose the mother folder of your site.
  • Tick in "Password protect this directory"
  • In the section "Name the protected directory", fill: Admin Control Panel Protected
  • Click Save.
  • In the part "Create User" fill in Username & Password yours.
  • Click "Add/modify authorised user"
  • Okay, so now you have a file passwd at: /.htpasswds/public_html/name_folder_forum
B. With Directadmin:
  • Login into Directadmin
  • Choose "Password Protected Directories" >> "Find a Directory to Password Protect" >> Choose the mother folder of your site.
  • Tick in "Protection Enabled".
  • Fill the parameters into: "Protected Directory Prompt" - "Set/Update User" - "Password" - "Re-Enter Password"
  • Click Save.
  • Okay, now you have a passwd file at: .htpasswd/public_html/name_folder_forum
After you created htpasswd above, you should open the file.htaccess (in the original folder of your forum) and find this code:
Code:
AuthGroupFile /dev/null
AuthType Basic
AuthUserFile path/to/passwd/file
AuthName "ACP Protected"
Require valid-user
Replace with this code:
Code:
<Files admin.php>
AuthType Basic
AuthName "ACP Protected"
AuthUserFile "path/to/passwd/file"
Require valid-user
</Files>
Note: path/to/passwd/file will be formed
- /home/demosite.org/domains/demosite.org/.htpasswd/public_html/.htpasswd (With Directadmin)
- /home/demosite.org/.htpasswds/public_html/passwd (With cPanel)
Protect folder /install by .htpasswd
Create a file .htaccess inside the folder /install with this code:
Code:
AuthType Basic
AuthName "Install Protected"
AuthUserFile "path/to/passwd/file"
Require valid-user
At path/to/passwd/file you could use at this path file htpasswd to protect admin.php above or create a new account.
 
Thread starter Similar threads Forum Replies Date
XenForo Tips & Guides 0
#2
Please in future post these as actual resources!
A alternative method is to enable two step verification for those user groups who can access ACP ;).
 
Thread starter Similar threads Forum Replies Date
XenForo Tips & Guides 0