Hello!
I configure the forum to run, how to change the position of the panel with / admin?
who understands the protection and hacking: changing the path to the panel, does it provide good protection?
or when scanning the forum directories, and so it will be detected?
Rename the
admin/ directory to something random (i.e.
mysecretadmin/) and then edit the
inc/config.php file and find the
$config['admin_dir'] setting. Update this so it has the same value as your renamed admin directory.
Like so;
$config['admin_dir'] = 'mysecretadmin';
(2019-06-24, 03:58 PM)Ar2r Wrote: [ -> ]changing the path to the panel, does it provide good protection?
Yes, it's generally recommended.
Quote:or when scanning the forum directories, and so it will be detected?
Enumeration shouldn't be practical when the name is long enough and random, and the ACP link is not displayed or saved anywhere else (
$config['hide_admin_links'] = 1; will help here).
Worried, but without backup renamed /admin
I tried to enter a new address, oh miracle, it worked without editing the config.
Do I need to specify a new address in the config? what if you don't deposit it?
If the admin is renamed, how will hackers look for it?
$config['hide_admin_links'] = 1;
How does this code work?
(2019-06-28, 08:35 PM)Ar2r Wrote: [ -> ]Worried, but without backup renamed /admin
I tried to enter a new address, oh miracle, it worked without editing the config.
Do I need to specify a new address in the config? what if you don't deposit it?
Having this value setted in the config is usefull for plugins and internal usage. It's also used to displai the Admin link on the front, but:
(2019-06-28, 08:35 PM)Ar2r Wrote: [ -> ]If the admin is renamed, how will hackers look for it?
$config['hide_admin_links'] = 1;
How does this code work?
If you enable this, the front link won't be displayed, so noone can access directly to it. Hackers can try a kind of brute force, using common dictionnary and random, but if you choose something like /gbhd45DD674xde_A8, they won't find it easily
Notice: if you rename your admin directory, you'll have to rename it in the future MyBB archive you'll download for upgrade. And in the plugins too.
Thank you!
all the plugins that are installed, in their code you need to register a new path to the admin panel?
the fact that I cannot go to the renamed admin panel directly from the forum does not frighten me.
just go to a new address, as the browser will substitute this link.
No, usually the plugins which require the admin path (because they add pages in the ACP) use the MYBB_ADMIN_DIR constant or relative path, so you don't have to modify them.
Sorry, I do not want to create a new topic:
What are the plug-ins for multi-authorization via Google and social networks?
OneAll in the topic since 2015 no one writes that it is alarming. Maybe there are more famous plugins?
(2019-07-08, 10:05 PM)Ar2r Wrote: [ -> ]Sorry, I do not want to create a new topic:
What are the plug-ins for multi-authorization via Google and social networks?
OneAll in the topic since 2015 no one writes that it is alarming. Maybe there are more famous plugins?
It makes things easier if you can keep each thread to one issue. Please could you open another thread if support is still required.