Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

Move admin.php file
 View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> RN v2.10.01 - All Issues
Author Message
utssace
Worker
Worker



Joined: Feb 18, 2006
Posts: 155
Location: Virginia
PostPosted: Wed Oct 17, 2007 7:35 am Reply with quote
I have read the HowTo and searched forum but I am looking for info
on moving the admin.php file. I also want to rename the admin file.
I renamed it and fixed the $admin_file line but if I want to move the admin
file can I just do this:

Code:
$admin_file = 'folder/folder/admin';


Of course with "admin" being my new admin name.
 
View user's profile Send private message Visit poster's website
Gremmie
Former Moderator in Good Standing



Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA
PostPosted: Wed Oct 17, 2007 7:45 am Reply with quote
I don't know if that will work or not, but I think a much better idea is to just leave the name admin.php, but protect it with CGIAuth or HTTPAuth. Sentinel can help set that up.

With CGIAuth, for example, any access to admin.php is challenged by the server, and the requester has to present an additional login/password before it will even be served.

_________________
GCalendar - An Event Calendar for PHP-Nuke
Member_Map - A Google Maps Nuke Module 
View user's profile Send private message
PHrEEkie
Subject Matter Expert



Joined: Feb 23, 2004
Posts: 358
PostPosted: Wed Oct 17, 2007 9:54 am Reply with quote
A few years back, renaming it broke more things than was worth the extra security. Since then, these current builds have that all ironed out, and it is quite safe to rename it. Just rename the file, then add the appropriate new name to config.php.

For the record, after building over 100 nuke sites in my career, I have never renamed a single admin file. I have never been hacked, nor any of my clients hacked (that I am aware of). The server side security does the trick (as Grem mentioned).

Other 'paranoid' tactics include entirely removing it from the server, and re-uploading it when it is needed, or just renaming it to anything and NOT adding it to config.php, then rename it admin.php when you want to use it.

Use a server side challenge, and just get your beauty sleep every night.

PHrEEk

_________________
PHP - Breaking your legacy scripts one build at a time. 
View user's profile Send private message
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> RN v2.10.01 - All Issues


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©