move the adminfile to a protected directory

2002-07-15
2002-10-31
  • I think this is all the weak points I could find. O yes one more, I found it hard to move the adminfile to a protected directory. This becauese files are interlinked at more that one place.

     
    • i just renamed my admin.php file so it was a little more difficult to hack. seems to work.

      - drew

       
    • Just put a copy of all the engine into your secure (htaccess) directory... then change the paths to point to  your files. If you're using the database it's even easier, nothing to change!

       
    • Chris
      Chris
      2002-10-30

      Just make your own admin.php with login and MD5 encryption true a userid and password in the table.

      Like on www.lookhere.nl under foto album

      Try to use the admin.php over there it will not work because you have to login first to get access to it.

      If you guys like it I would love to share this

      Greetz Whosnext

       
    • Julian Pedley
      Julian Pedley
      2002-10-31

      I use "basic authentication" for my admin.php as I am the only user and I dont think anyone will take the trouble to sniff the password. Is there any need for anything more secure in my circumstances?

      I read up on http://frontier.userland.com/stories/storyReader$2159 (although I use apache) and it seems to be good enough for me, but please enlighten....

      Jules

       
    • I wrote a simple password protection program for the admin.php file

      if your interested read this thread.
      http://sourceforge.net/forum/forum.php?thread_id=749508&forum_id=17943