MyBB Community Forums

Full Version: Hide admin name in userlist
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi there,

I already disabled the memberlist.php in the ACP but you can still see the name of the admin when you call the link mydomain.com/user-1.html or mydomain.com/member.php?action=profile&uid=1

If you disable search engine friendly URLs in the ACP it will use the latter format.

In the .htaccess there's this line that does it:

RewriteRule ^user-([0-9]+)\.html$ member.php?action=profile&uid=$1 [L,QSA]

I noticed if you do uid=0 in the browser it will show you your own current user. I already disabled guests to view any users.

What would be the correct RewriteRule to redirect user 1 (admin) to user 0?

I know it's security through obscurity, but better than nothing. Somebody would have to guess the username, the password and the ACP PIN (if he finds the real ACP). Shy

Thanks
You could always just redirect the urls in question to something else via your cPanel.

mydomain.com/user-1.html redirects to mydomain.com/user-0.html
mydomain.com/member.php?action=profile&uid=1 redirects to mydomain.com/member.php?action=profile&uid=0
Tell me, can I hide the admin without redirect?
and in terms of security, does it give an advantage?