MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Suggestions and Feedback > Idea of making ACP access more secure
Full Version: Idea of making ACP access more secure
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

mattias

2012-04-22, 11:03 PM
Hi,

everybody can freely access the ACP login page here: http://community.mybb.com/admin/
This always have bugged me. Then I thought why not add a bit more security to the ACP? I was thinking of an optional security question that only admins know and that unlocks the ACP login screen when answered correctly.

To prevent the admins from always having to answer the security question, you can use cookies that never expire. I think you get the idea. What is your opinion of this? And if this won't be implemented in future MyBB versions, can anyone tell me how I can code this/can someone code this for me?

Best regards

Josh H.

2012-04-22, 11:15 PM
I almost want to bet that the admin folder here is the ACP Honeypot plugin.

Known

2012-04-22, 11:15 PM
You can change the admincp location by editing the config.php file and changing "admin" to whatever you want, and then renaming the /admin/ folder to whatever you named it in the config.php.

Paul H.

2012-04-23, 12:06 AM
We could be using a honeypot Shy

And, as said above, you can change the ACP directory by renaming the folder and editing inc/config.php.

mattias

2012-04-23, 12:43 PM
Duh!, didn't think of renaming the admin folder. That's perhaps the best solution. Thanks Smile

pavemen

2012-04-23, 12:58 PM
plus you can add directory passwords via htaccess/htpasswd
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Suggestions and Feedback > Idea of making ACP access more secure