Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Restricting access to admin through .htaccess
#1
Code:
order allow,deny
allow from [IP ADDRESS]
deny from all
Is this possible? Would adding an .htaccess to the admin folder screw anything up? I have done it with Wordpress in the past. Basically only allowing access to the admin panel from my home IP address.
Todo arde si le aplicas la chispa adecuada.
Reply
#2
allow for IP adress is only helpful if you have a fixed IP adress and will never Wink

did you test it with GetSimple? That would be the easiest way to find out if it works
I cannot test it, I have no fix IP to access the net
|--

Das deutschsprachige GetSimple-(Unter-)Forum:   http://get-simple.info/forums/forumdisplay.php?fid=18
Reply
#3
Seems to work, I dropped an .htaccess into the admin directory and added this code:
Code:
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Example Access Control"
AuthType Basic
<LIMIT GET>
order deny,allow
deny from all
allow from [insert IP Address]
</LIMIT>
I tried accessing it from my iphone and all I got was a "oops page not found" error, whereas, my pc was still able to access the directory. Of course, your IP address must be static and not dynamic. Also, I know I could change the name of the admin folder in the gsconfig.php file, however, this is a much better measure against someone brute forcing the admin login.
Todo arde si le aplicas la chispa adecuada.
Reply




Users browsing this thread: 1 Guest(s)