you do not understand, the purpose of deny all is to not let allow direct access via an HTTP request to the \inc\ folder as it is never needed even by admins. deny all is cleaner and easier
however, the admin folder does need to support HTTP requests, so rename it, apply user/pass protection via htaccess and apply the Admin PIN and other plugins to add security.also, use hidden admins, hide super admins, etc. via the various tutorials out there
* Josh H. needs popcorn
@OP - You simply do not seem to understand that using user/pass on inc/ is theoretically less secure than a deny all. Deny all does not give attempts to gain access; user/pass does.
As for #5: Do you know that the last release was all the way back in 2010? Fwiw, I tried it a while back, and it did nothing at all. I know ideally what it's supposed to do, but it doesn't seem to change anything significant in real-world use.
as well my pass cant be cracked so let hackers try from today till tomorrow
(2012-08-09, 04:17 PM)Marks-Mans Wrote: [ -> ]as well my pass cant be cracked so let hackers try from today till tomorrow
In the internet, nothing is secure with skill and patience. Just a thought.
Or if someone makes off with the hash, they can just run it through software in very little time.
Actually No One Could Get In I Am Using This Method
& For more Security You Can Also Add Extra User & Pass With Htaccess
So Now We Can Protect Directory with 2 Username & Pass
So If The Hacker Bypassed First 1 He Cant Bypass Second
For Sure Use Different Passwords
There is always a possibility you can be hacked. You can't be 100% secure, ever. Security is a process, not a product.
(2012-08-27, 04:49 PM)Paul H. Wrote: [ -> ]Security is a process, not a product.
In my oppinion security is an illusion, especially on the internet. You can try to make it as hard as possible for those that want to do you harm, but you
cannot make it impossible.
Nothing is
100% secure !
I think the creator of this threads fools himself with being really secure with what he claims, is what you need to do to achieve security. He also dismisses every reply that is made in proving him wrong.
Doesn't really speak for him.
I absolutely hate the way this person writes to the point I can't even focus and read it :/
![[Image: demotivation.us_FACEPALM-Youre-doing-it-...471448.jpg]](https://camo.mybb.com/78eafbc3b5a2624f2326f63a91237f64d8eadd0f/687474703a2f2f7777772e64656d6f7469766174696f6e2e75732f6d656469612f64656d6f74697661746f72732f64656d6f7469766174696f6e2e75735f4641434550414c4d2d596f7572652d646f696e672d69742d77726f6e675f3133303036353437313434382e6a7067)
(2012-08-27, 04:49 PM)Paul H. Wrote: [ -> ]There is always a possibility you can be hacked. You can't be 100% secure, ever. Security is a process, not a product.
Please say that to Cisco
, They will turn around be vanish you.
(2012-08-27, 03:17 PM)Marks-Mans Wrote: [ -> ]Actually No One Could Get In I Am Using This Method
& For more Security You Can Also Add Extra User & Pass With Htaccess
So Now We Can Protect Directory with 2 Username & Pass
So If The Hacker Bypassed First 1 He Cant Bypass Second
For Sure Use Different Passwords
1. Reverse Engineering;
2. "admin1" folder, *facepalm*;
3. php-firewall? Okay I'm going to pretend i didn't see that. *facepalm*
If you want to make your Admin folder super secure, delete it, make it localhost or specific IP address;s only.
If you was smart with security you would know how to stay safe.
Note: In the reply to this thread,
TWO faces got palmed.