Page 1 of 1
prevent access to /admin from public internet
Posted: Wed Jun 13, 2007 8:55 am
by mmadani
Hi everybody,
Does anybody know a way to prevent access to the admin login page when accessed from the public internet?
I know I can put a .htaccess in the folder so Apache will ask for an extra username:password , but then my web editors have to login twice,
is there another way??
thanks in advance!
regards,
mmadani.
Re: prevent access to /admin from public internet
Posted: Wed Jun 13, 2007 9:02 am
by tsw
if all editors are behind known ip network you could set a access list kind of protection
http://httpd.apache.org/docs/1.3/mod/mod_access.html
Order Deny,Allow
Deny from all
Allow from 10.1.0.0/16
but I think part of the greatness of web based editing is that you can do it from anywhere you want...
Re: prevent access to /admin from public internet
Posted: Wed Jun 13, 2007 9:06 am
by mmadani
wow, that's a fast reply!!
that is the right answer to my problem,
thanks!!
and because we use citrix , it's still possible to edit the website from anywhere,
should I put that config in the general apache config or in the .htaccess?
thanks.
Re: prevent access to /admin from public internet
Posted: Wed Jun 13, 2007 9:08 am
by tsw
if you have access to apache config put it there (its a bit faster) but it should work from .htaccess file also
Re: prevent access to /admin from public internet
Posted: Wed Jun 13, 2007 9:19 am
by cyberman
mmadani wrote:
Does anybody know a way to prevent access to the admin login page when accessed from the public internet?
It's not a real preventing but you can rename admin folder to a long cryptical value which only your editor knows. You can set then name of admin folder in config.php.
Re: prevent access to /admin from public internet
Posted: Wed Jun 13, 2007 9:59 am
by mmadani
thanks!