Jump to content

How to hide /admin to public?

FelixT
 Share

Recommended Posts

Miss_B Veteran

Miss_B

Posted
Posted
On 3/18/2022 at 4:19 PM, FelixT said:

Could you please help? ... May i know How to hide .............../admin to public?

Regards,

What do you mean by hiding admin to public? Are you worried about the security? If so, you can use the required multi factor authentication to access the Admin Panel. 

Link to comment
Share on other sites
FelixT Newbie

FelixT

Posted
  • Author
Posted
On 3/21/2022 at 8:07 AM, Chris Anderson said:

Check out the following guide:

You can add the following to your constants.php file:

Constant - CP_DIRECTORY

Use - Name of your admin CP directory when changed from the default of 'admin'

Example value - 'newcpdirectory'

 

Thank you so much for your info and help.....will try that.

Link to comment
Share on other sites
Sonya* Grand Master

Sonya*

Posted
Posted

CP_DIRECTORY is deprecated  

//--------------------------------------------------------------------------------------
// DEPRECATED OPTIONS: CHANGE AT YOUR OWN RISK
// These constants were once customisable but their fucntionality should now be
// considered deprecated.

// AdminCP Obscurity Settings
// It was once recommended for site owners to rename the directory for security
// and set the CP_DIRECTORY constant so some links still work, the upgrader can put
// files in the right place, etc. While it is still honoured, it is no longer recommended
// as much more secure alternatives like two factor authentication now exist.
'CP_DIRECTORY'	=> 'admin',	// The name of the directory where the AdminCP is

 

Link to comment
Share on other sites
Mark H Mentor

Mark H

Posted
Posted

Sonya is correct. While renaming the admin folder is still possible at this time, the option to do so will be removed in an upcoming release, so please plan accordingly.

We strongly recommend using 2FA for anyone that has ACP access.

Link to comment
Share on other sites
  • 2 years later...
Randy Calvert Grand Master

Randy Calvert

Posted
Posted
22 minutes ago, Egorkin said:

I tried the security questions. A very strange thing! I didn't understand how this would secure the account 🤔

It adds another layer an attacker must overcome. Here’s a scenario in which this defense would prevent:

A rather large number of people use the same usernames and passwords across multiple sites.  If I get a list of credentials from another compromised site, I could try them on other sites like yours and because you used the same credentials… I now have access to your account without actually hacking your site/server/IPB instance. 

However with another set of questions, it’s much more likely the attacker would not have access to those as well and would be stopped. (It’s possible they could if they were targeting you specifically and had lots of info on you but it would stop those “attacks of opportunity”.)  Now… it’s not as secure as something like having a 2FA implemented, but it’s better than nothing!
 

Link to comment
Share on other sites
Jim M Grand Master

Jim M

Posted
Posted
18 minutes ago, Egorkin said:

Why didn't the IPB authors make sure that each user came up with individual questions for himself?

You can select from a list or make your own questions. The user would select a question and insert their own answer. 

Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...