Thread Rating:
  • 13 Vote(s) - 4.54 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Six Methods to Protect Your MyBB Forums
#11
Just remove the link altogether.
[Image: 1255110914.png]
Reply
#12
(06-13-2009, 07:51 AM)GoldenBoy Wrote: helpful! will this stop SQL injection attacks?
I'm pretty sure no, but it will stop access so that the hacker will probably not be able to try SQL injections in the first place. (for the config file mainly).

But that questions should be directed to somebody who knows more about PHP and SQL, not me.
(07-04-2009, 04:53 AM)Psinetic Wrote: the only problem i see with this is all you have to do is hover over the "admin" link once you've gained access to an admin account. is there a way to hide it from the link? like the link goes to one thing and then redirects to the real admin cp?

You can remove the Admin CP link via either the templates, or there is a plugin that does it.

But as long as you add the other two methods, it would work like this:

1) Hacker Finds Password
2) Hacker Eventually Finds Admin Directory
3) Hacker Needs to Crack Directory Password
4) Hacker Finds Password, but because IP doesn't match gets redirected back to the home page.

Unless the hacker can hack into your actual server and delete the .htaccess and password protection, the above is what will happen.
Need web hosting? Try MyBBWebHost!
#1 for Running MyBB Communities
The world's only premium web host dedicated to MyBB forums.

Reply
#13
This works.. Just the IP THING wont work.. Like it redirects me to the page i put it even when i put my own ip.
Reply
#14
The whole point of it is that if it ISN'T the IP that's there, then it will redirect you to that page.

So if you put your IP there, then it shouldn't redirect you.
Need web hosting? Try MyBBWebHost!
#1 for Running MyBB Communities
The world's only premium web host dedicated to MyBB forums.

Reply
#15
Thanks for the info Smile
Reply
#16
(07-24-2009, 03:34 PM)Vapor Wrote: Thanks for the info Smile
No problem Smile

Here's another tip: Make a Fake Admin CP Login Page
Need web hosting? Try MyBBWebHost!
#1 for Running MyBB Communities
The world's only premium web host dedicated to MyBB forums.

Reply
#17
Being that your IP address changes from time to time how would you go about getting back into it if and when your IP address changes?
[Image: SpinnerSkeleton.gif]
Reply
#18
(11-01-2009, 09:12 PM)s9TeeN Wrote: Being that your IP address changes from time to time how would you go about getting back into it if and when your IP address changes?
Well, that would probably only work for non-dynamic IPs. For dynamic IPs, you'd either have to change it via the FTP every time, or simply not use it.
Need web hosting? Try MyBBWebHost!
#1 for Running MyBB Communities
The world's only premium web host dedicated to MyBB forums.

Reply
#19
I have to admit that I'm a complete noob learning a little here and there. What is the difference between non-dynamic and dynamic IP's? How do I find the dynamic one that I need for the .htaccess?

Sorry for the stupid questions! lol
[Image: SpinnerSkeleton.gif]
Reply
#20
(11-04-2009, 10:30 PM)s9TeeN Wrote: I have to admit that I'm a complete noob learning a little here and there. What is the difference between non-dynamic and dynamic IP's? How do I find the dynamic one that I need for the .htaccess?

Sorry for the stupid questions! lol
Dynamic IPs change every so often, static IPs (non-dynamic) stay the same.
Need web hosting? Try MyBBWebHost!
#1 for Running MyBB Communities
The world's only premium web host dedicated to MyBB forums.

Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)