I went just to test this out to mybb.com/admin and it went to the admin cp login page. how do i make that not viewable to ppl unless u are logged in to ur admin account and u go from there. also how do i make it that it asks for the email and pass instead of username and pass
Rename the admin panel directory..http://yoursite.com/admin and make it
http://yoursite.com/rename or whatever you want..And edit your config.php change the "admin" with your own directory..
The link to the admin cp is visible to logged/in admins only
For what I did to my site is that:
1. I renamed the admincp directory that is, by default it is, yoursite.com/admin/ I kept to yoursite.com/mychoice
2. Edit the thing in .inc/config.php which says something like admindir or admincp something with the renamed admin folder.
3. I removed the admin cp link from my templates so even if someone gets access, he can't see my ACP and cannot do much destruction.
4. In 1.6 I disliked a feature, even if you hide a link, when going to some member's profile link, it gives you option:
Edit this user in AdminCP.
Ban this user in AdminCP.
From that thing, the hacker might know Admin CP URL so I removed that thing too, also that option is not really needed for me at least, IMHO.
To do so, goto ACP > Themes & Styles > Your THEME Templates > Member Templates >
member_profile
Find and remove:
{$adminoptions}
That would remove that acp link thing from member profile too.