Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
.Htaccess Protect the Admin Directory
#1
I couldn't find any tutorial for this, and I thought it might help some who want extra protection for their forum.

Warning: You will have to give this password to all of your admins and they will, in a sense, have to login twice in order to get into the admin interface. This means they will have to remember a second password. If you are okay with this and want the extra protection, by all means, go ahead. If you don't want this, do not follow this tutorial.

---------------------

This is a step by step process. Please follow the steps accordingly and carefully. This is mainly targeted towards users who are using non-cpanel control panels or who are not using shard hosting and have setup a apache2 and php server. Guide for cpanel below.

---------------------

Step 1: Go to http://tools.dynamicdrive.com/password/

Step 2: Enter in the usernames in the first box (on the left). After each username, press enter (line-break).

Step 3: Enter each password in the same line on the box on the right. The username and password must match up.

Step 4: Enter the server's web root directory. You can find this in CPanel (see image below) or you will know this when setting up a server with apache (httpd) and php. For example, /home/mysite/mybb or /home/mysite/

[Image: cpanel-home-directory.jpg]

If you use CPanel, you can also do this easier and automatically (automagically Smile)
I will show this at the bottom.

Step 5: Take the generate code for .htaccess and add it to your /admin directory .htaccess.

Step 6: Copy the generated code for the .htpasswd file and paste it into a new file under the web root directory you specified earlier.

Step 7: Optional: In order to add more usernames and passwords, simply follow steps 2 and 3 and append (add to the end of the file) the new generated lines into your .htpasswd file.

If you need any help, please post below...

Extra Notes:
  • You may place the .htpasswd in the same directory .htaccess, but this is not recommended and secure.


---------------------

If you use CPanel and want to have this done automatically, use the following guide by Paul H
http://community.mybb.com/thread-109975.html
Reply
#2
This user has been denied support. This user has been denied support.
Can the .htaccess file ever be compromised?
Reply
#3
As long as the apache (web-server) configuration is correct and securely configured, then the .htaccess file will not be compromised.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)