This tutorial will show you how to add the best layer of security to your admin directory that you possibly can: Apache htpasswd.
To start, log into cPanel, and find the Security Section. Click "Password Protect Directories"
![[Image: d5UJ.png]](https://camo.mybb.com/ba7191b01ac5d42a7e3358d322e6f801ccdb31bf/687474703a2f2f692e696d6d2e696f2f6435554a2e706e67)
On the next page, click the directory you want to protect.
Next, enter in the user and password information. Be sure to click the "Password protect this directory" checkbox.
![[Image: d5UW.png]](https://camo.mybb.com/8755a0d667994bce823f9e3bd54c32ac17810721/687474703a2f2f692e696d6d2e696f2f643555572e706e67)
Click "Add/modify authorized user".
Tada!
I use this for a long time now, I've also protected 'inc/' folder, you know, there are some plugins there and we never know what those plugins contain...
(2011-12-17, 04:24 PM)TheGarfield Wrote: [ -> ]I use this for a long time now, I've also protected 'inc/' folder, you know, there are some plugins there and we never know what those plugins contain...
As plugins hook onto the core system and aren't directly executable, that isn't necessary.
I use this as well, IMO the one of the best protection one can ever get.
Good!, Thanks for sharing this information.
So when I access the acp I would have to...
- enter my forum username/password
- enter the username/password I created in my control panel
?
---------------------------------------------------------
We can also rename our admin directory as well as using this?
Thanks
You will need to enter the username and password you made above, then enter your forum details at the ACP login.
You can rename your admin dir, yes.
Oh ok, thanks man
How come it only asked for me to enter in the username and password once when going to my admin panel, and when I log out and log back into it it only asks for my regular admin username/password?
Shouldn't ask every time?
* I didn't check the "remeber this password" check box upon logging in so was wondering if we only log in once and forever?
(2011-12-17, 08:32 PM)FooFighter Wrote: [ -> ]How come it only asked for me to enter in the username and password once when going to my admin panel, and when I log out and log back into it it only asks for my regular admin username/password?
Shouldn't ask every time?
Your question is only your answer.
When you went there for first time, you were already logged in your ACP, so it just asked htaccess pw, when you logout, it takes you to ACP's index as well but as you're not logged in, it asks for details again.