Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Hide admin name in userlist
#1
Hi there,

I already disabled the memberlist.php in the ACP but you can still see the name of the admin when you call the link mydomain.com/user-1.html or mydomain.com/member.php?action=profile&uid=1

If you disable search engine friendly URLs in the ACP it will use the latter format.

In the .htaccess there's this line that does it:

RewriteRule ^user-([0-9]+)\.html$ member.php?action=profile&uid=$1 [L,QSA]

I noticed if you do uid=0 in the browser it will show you your own current user. I already disabled guests to view any users.

What would be the correct RewriteRule to redirect user 1 (admin) to user 0?

I know it's security through obscurity, but better than nothing. Somebody would have to guess the username, the password and the ACP PIN (if he finds the real ACP). Shy

Thanks
Reply
#2
You could always just redirect the urls in question to something else via your cPanel.

mydomain.com/user-1.html redirects to mydomain.com/user-0.html
mydomain.com/member.php?action=profile&uid=1 redirects to mydomain.com/member.php?action=profile&uid=0
> SELECT finger FROM hand WHERE id='3'
Reply
#3
Tell me, can I hide the admin without redirect?
and in terms of security, does it give an advantage?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)