Jump to content

Changing the admin path


yRookieMan
 Share

Go to solution Solved by Stuart Silvester,

Recommended Posts

If I remember correctly while you can still do this, its becoming a deprecated feature as its more secure to just enable 2FA to log into the Admin panel instead but someone like @Daniel F could likely be more sure than me.

Its a constant in the constants.php iirc but I don't remember which one.

Link to comment
Share on other sites

IPS generally don't recommend changing the ACP location, from conversations I've had with them in the past, and when I've tried to pin them down on as to why, I don't recall ever getting a satisfactory answer. Maybe someone at IPS can comment.

But with that said and out of the way, what you need to do is to rename the ACP folder (I think it's called "admin") and then in your "constraints.php" file which you can find in your installation root folder you need to add/modify the following the line replacing "ACP_FOLDER_NAME" with the name of the folder you've just renamed:

define( 'CP_DIRECTORY', 'ACP_FOLDER_NAME' );

That should be as far as I am aware, all that is required.

Link to comment
Share on other sites

  • Solution

Security through obscurity isn't the best idea. We recommend using the built in tools instead such as requiring multi-factor authentication for AdminCP access.

We also often see that customers that have done this still forget to rename the folder when upgrading manually and they end up with two admin folders, one that redirects to the other completely ruling out any obscurity advantage.

Link to comment
Share on other sites

Just now, Stuart Silvester said:

We also often see that customers that have done this still forget to rename the folder when upgrading manually and they end up with two admin folders, one that redirects to the other completely ruling out any obscurity advantage.

Actually, as someone who's done this before (And realised very quickly) this is absolutely a fair point. 

Link to comment
Share on other sites

17 hours ago, Stuart Silvester said:

Security through obscurity isn't the best idea. We recommend using the built in tools instead such as requiring multi-factor authentication for AdminCP access.

We also often see that customers that have done this still forget to rename the folder when upgrading manually and they end up with two admin folders, one that redirects to the other completely ruling out any obscurity advantage.

Please don't deprecate this. Hide in the docs, put up big warnings if you must, warn people that there is no additional security by doing this by itself, but please leave the option intact. Security through obscurity is the reliance of hiding things on security and is bad news bears. However, having the admin control panel in a non-standard place is one of many layers of protection, upon which moving it is not relied upon for security.

Consider Magento: https://docs.magento.com/user-guide/stores/store-urls-custom-admin.html

Capturing and mitigating against attempts to access the default URL serves a honeypot of sorts (we identify and isolate attempts to hit /admin which would be coming from no one up to any good), helps protect against scripted attacks, and layered with other protections, serves as a multi-layered approach to security. We secure administrative things on multiple fronts, including moving the ACP address, protecting access behind zero trust authentication, and having separate accounts for elevated administrative functions. We monitor and block traffic attempting to access known paths that no legitimate user would have any business accessing (i.e. example.com/wp-admin/, /admin, etc.), but we protect the actual administrative things as if the URLs were known to all.

The option to change the ACP path absolutely should come with a big "do not tamper with unless you know what you're doing" sticker. But please don't take it away.

Link to comment
Share on other sites

As @Morrigan shared, the feature is marked as deprecated. See line ~295 in init.php:

//--------------------------------------------------------------------------------------
// DEPRECATED OPTIONS: CHANGE AT YOUR OWN RISK
// These constants were once customisable but their fucntionality should now be
// considered deprecated.
				
	// AdminCP Obscurity Settings
	// It was once recommended for site owners to rename the directory for security
	// and set the CP_DIRECTORY constant so some links still work, the upgrader can put
	// files in the right place, etc. While it is still honoured, it is no longer recommended
	// as much more secure alternatives like two factor authentication now exist.
	'CP_DIRECTORY'	=> 'admin',	// The name of the directory where the AdminCP is

If we're all cool leaving this exactly as is, maybe with bigger warnings, and flashing traffic cones and such, then all is right in the world.

Im Out Amy Poehler GIF by FOX TV

Link to comment
Share on other sites

18 hours ago, Stuart Silvester said:

such as requiring multi-factor authentication for AdminCP access.

While you've got me on a rant, IPS will not use two-factor authentication for ACP access when providing support. This, while a really good idea, is required to be turned off by IPS or they cannot log in and we reach a standstill. So, this requirement has to be disabled for an account that IPS uses in the context of providing support.

I can appreciate that finding a nice way for people around the globe to share TOTP tokens is a challenge, but it's not unsurmountable, and there are other great ways to confirm that the support person logging in has more than just the username and password.

Edit: The constants.php guide probably could some references to where to read more about changing the constants listed there (For example, go look at init.php for details on others available and for notes on usage and associated warnings).

Edited by CoffeeCake
Link to comment
Share on other sites

4 hours ago, CoffeeCake said:

Please don't deprecate this. Hide in the docs, put up big warnings if you must, warn people that there is no additional security by doing this by itself, but please leave the option intact. Security through obscurity is the reliance of hiding things on security and is bad news bears. However, having the admin control panel in a non-standard place is one of many layers of protection, upon which moving it is not relied upon for security.

Consider Magento: https://docs.magento.com/user-guide/stores/store-urls-custom-admin.html

Capturing and mitigating against attempts to access the default URL serves a honeypot of sorts (we identify and isolate attempts to hit /admin which would be coming from no one up to any good), helps protect against scripted attacks, and layered with other protections, serves as a multi-layered approach to security. We secure administrative things on multiple fronts, including moving the ACP address, protecting access behind zero trust authentication, and having separate accounts for elevated administrative functions. We monitor and block traffic attempting to access known paths that no legitimate user would have any business accessing (i.e. example.com/wp-admin/, /admin, etc.), but we protect the actual administrative things as if the URLs were known to all.

The option to change the ACP path absolutely should come with a big "do not tamper with unless you know what you're doing" sticker. But please don't take it away.

+1

Many layers are the best. Relying on a single thing like 2FA or one less thing (without moving AdminCP) isn't good. 

I also use Cloudflare to lockdown my AdminCP to my IP address. 

Link to comment
Share on other sites

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...