Mind blowing SEO improving and Google rank increasing Signature Rotator SEO Tool.

Thread: 

How to protect directory .htaccess

Ads
ivan Offline referral

Posts: 713
Joined: Jul 2013
Reputation: 6

#1
Senior Member
Hi it's me again this time I need help to protect my admin folder with .htaccess. My website has administrator control panel that is password protected but anyone can access it. So I am looking to somehow allow access to only my computer and deny access to others. Can this be done with .htaccess.
invisibe_dude Offline referral

Posts: 820
Joined: May 2013
Reputation: 24

#2
Posting Freak
Yes it is very important to protect you admin directory from hackers, and just curious people! You can do it easily with .htaccess. What we are going to do is to allow access to a director only for a specific IP address, and redirect others to 404 Not Found.
Code:
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Example Access Control"
AuthType Basic
<LIMIT GET>
order deny,allow
deny from all
      allow from YOUR IP ADDRESS HERE
  </LIMIT>

Replace YOUR IP ADDRESS HERE with your IP address!
chod Offline referral

Posts: 860
Joined: Jul 2013
Reputation: 85

#3
Posting Freak
I would also rename your admin folder to something else. Of course you have to make sure to update the code accordingly, but that will also further help protect you from skiddies using automated tools looking for predesignated URL strings.

Be aware if you are talking about WP though you could start breaking things if you are not aware. It is easy to break admin-ajax.php. But if you are aware of everything as you further lock it down you will likely not hit anything major. Of course make sure your admin access is always over SSL, even if it is a self signed one.
www.AdminEmpire.com
www.BlimptonTech.com - Best Free Online JavaScript tool to minify JavaScript files.
marcus_avrelius Offline referral

Posts: 2,424
Joined: May 2013
Reputation: 102

#4
Support Team
I don't recommend renaming admin folder because features that are linked to admin folder will stop working
chod Offline referral

Posts: 860
Joined: Jul 2013
Reputation: 85

#5
Posting Freak
(07-23-2013 02:48 AM)marcus_avrelius Wrote:  I don't recommend renaming admin folder because features that are linked to admin folder will stop working

That is why you also have to update the code for the calls to the admin folder. It is really not hard at all to replace all calls to it.

Here are the steps I do, not fully complete but should get you on the right track.

1. Download most recent copy of Wordpress
2. Unzip into folder of choice.
3. Create a git repo of your current Wordpress. Make sure you setup two branches at least. Master should be your working copy you are going to create. Upstream should be for upstream only releases and updates.
4. move into the folder you put your Wordpress in.
5. Now you want to replace all instance of wp-admin inside the files.
Code:
find ./ -type f -exec sed -i 's/wp-admin/MyNewName/g' {} \;
6. Now you want to commit those changes into your repo.
7. Now you need to change all occurences of files with wp-admin in the name. It should be 2 files if I remember correctly.
Code:
for i in `find -name '*wp-admin*'` ; do mv $i `echo $i | sed 's/wp-admin/NewFolderName/'` ; done
8. Commit these changes in
9. Now you have a master branch with a renamed admin folder. Compress up your master branch. Upload to server. Delete the .git folder. Move to your location of choice, turn on webserver. WP should now work as expected with everything relating to wp-admin being now NewFolderName.
10. New version is released upstream. Check into your upstream branch.
11. There are many methods to go about this now. You can create a patch file before checking in the new one and that should patch your wp-admin on most updates. You could also setup the steps in a script to do it on each release. Honestly there are a ton of ways to handle it from here on out and depends on how you use git with your flow.

Disclaimer: this was all done from memory so please verify the steps as you go doing this.
www.AdminEmpire.com
www.BlimptonTech.com - Best Free Online JavaScript tool to minify JavaScript files.
marcus_avrelius Offline referral

Posts: 2,424
Joined: May 2013
Reputation: 102

#6
Support Team
WOW chod this is one hell of a post LOL
chod Offline referral

Posts: 860
Joined: Jul 2013
Reputation: 85

#7
Posting Freak
(07-23-2013 08:49 PM)marcus_avrelius Wrote:  WOW chod this is one hell of a post LOL
That is just how I roll Wink lol
www.AdminEmpire.com
www.BlimptonTech.com - Best Free Online JavaScript tool to minify JavaScript files.
marcus_avrelius Offline referral

Posts: 2,424
Joined: May 2013
Reputation: 102

#8
Support Team
Your are a funny dude! Thanks for everything Wink





User(s) browsing this thread: 1 Guest(s)