howtothings.co.uk   ›   Computing   ›   Website Development, Implementation and General Webmaster Support   ›   [MyBB] Help with securing your admin control panel - (how to)

  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[MyBB] Help with securing your admin control panel - (how to)
Mark
Tech Support
*******
Joined: May 2010
Posts: 1,995

Reputation: 0
#1
25-09-2010, 10:36 PM


Help secure your administrator control panel

I'm sure most of you know, the administrator control panel is where the administrators log in to change the settings and such for the forum. So if a "hacker" gets in to this panel, you're screwed to put it nicely.

You can go a lot more advanced that this, but this should do for the low end forums to just add a little extra security.

A. Rename your admin directory.

The default directory for your admin directory is "/admin". Renaming your admin directory to something else will reduce the chances of anybody finding it, therefore less chance of being attacked or hacked.

How to do it:

1. Connect to your forum using FTP, and find the "admin" directory inside of the "public_html" folder.
2. Once located, rename it (F2) to something difficult and cryptic such as "G7rZDa"
3. Now that it's renamed, you need to update your config file so that the forum knows where it is.
4. Navigate to the "inc" directory, and find "config.php", open it in a text editor such as notepad or gedit.
5. In the config file, find:

Code:
$config['admin_dir'] = '[b]admin[/b]';

Where it says 'admin' rename it, to whatever you called it, so ours would be:

Code:
$config['admin_dir'] = 'G7rZDa';

Save the file and re-upload if necessary.


B. Password protecting your directory

Password protecting your administrator directory is easy and adds an extra layer of protection. The easiest way is to log in to your cpanel, and do it through there. Adding this feature will mean people would now need an extra username as password to even get in to the log in screen of the admin directory.

Here's how to do it if you're using cPanel, log in and go to Security, then 'Password Protect Directories'. Once you're in click on the icons to open up directories until you find the admin directory. Then, click on it.

From here, set up individual usernames and passwords. Again, use something difficult, even for the users, eg:

Username: St3ve71
Password: P4Sw0rDD!Z


If you want to do it manually using .htaccess you can see my tutorial here:

http://mcompute.co.uk/showthread.php?tid=256

  Reply


Messages In This Thread
[MyBB] Help with securing your admin control panel - (how to) - by Mark - 25-09-2010, 10:36 PM

Forum Jump: