Post by TheJD » Thu Nov 29, 2018 4:46 pm

After reading through various threads, there just doesn't seem to be a clear answer on how to password protect the admin folder. I think I figured it out finally, and would like to share it....

If you are familiar with cpanel web host, then I am sure you have tried the Password Protect feature that usually would work. But it seems when we try to use that on the admin folder, it just causes a problem with the cart.
So here is one solution .. oh, take your time reading this.
I don't think I missed a step. If I did I will edit and correct it where needed.

You first need to edit the .htaccess file in the admin folder.
If it is not there, create it and add this code in the file:

Code: Select all

AuthName "admin"
AuthUserFile "/home/SITEDIR/.htpasswds/public_html/admin/passwd"
AuthType Basic
require valid-user
ErrorDocument 401 "Not Allowed"
Make sure you change SITEDIR to your website directory.
If your directory layout/structure is different, just adjust it accordingly to your server layout

Now you need to go to /.htpasswds/public_html/admin/ and make a file called passwd (no extension, JUST passwd)

Edit this new created file

Now head over to http://www.htaccesstools.com/htpasswd-generator/ - you will need to generate a username and password on this website and just copy the data into that passwd file.
So for example if you put in the fields:
username: test
password: pass

press create and you should see something like this:

Code: Select all

test:$apr1$ATAGGGta$oY9/Q3EZGCbOGhgx6QcYY/
take that code and copy/paste that into the passwrd file you created a few minutes ago.
save that.

now go to your admin panel and either refresh if you are already there or load it up and you SHOULD get the pop up asking you for a username and password. put in the info you used to generate the code and you should see the admin page or the admin login panel like usual, and there shouldn't be any issues viewing the admin panel or the store front.

You can change

Code: Select all

ErrorDocument 401 "Not Allowed"
if you want, only the

Code: Select all

Not Allowed
part. Whatever you change or enter between those " " will show if someone enters the wrong code or presses cancel.

Well, there you have it.

Note: the first line of code:

Code: Select all

AuthName "admin"
that "admin"...this is your admin folder. if you change your admin folder to another name you have to put that name here. it is also case sensitive.

To do all of this, i used WinSCP software to move around the directories and create the files I needed above. You can edit files and save it right back to the server using WinSCP. It is pretty nice.

Newbie

Posts

Joined
Thu Nov 29, 2018 4:27 pm

Post by IP_CAM » Fri Nov 30, 2018 10:58 am

Well, an OC-integrated Solution would possibly keep you from Problems,
while they might not be as secure as a 'htpasswd' Solution, but if you cannot
solve this matter, it would at least be a quite valuable Alternative!
Good Luck! ;)
Ernie
---
[VQMOD] SecureMyAdmin free, OC v.1.5.4.1 - 1.5.6.5_rc:
https://www.opencart.com/index.php?rout ... n_id=15901
---
(VQMOD) Secure Admin URL free, OC v.2.0.0.0 - 2.2.0.0:
https://www.opencart.com/index.php?rout ... n_id=24045
---
RazorinWorks - Secure MyAdmin 2.0 ( OCMOD & VQMOD ) paid, OC v.2.0.1.1 - 2.3.0.2:
https://www.opencart.com/index.php?rout ... n_id=23969
---
Change admin url free, OC v.1.5.6.x - 2.2.0.0:
https://www.opencart.com/index.php?rout ... n_id=27076
---

For Sale: Top URL's, including an OpenCart V-Pro Shop!
A wide range of matching Designs can be seen here: http://www.opencart.li
For Information on URL's offered, please contact me at: jti@jacob.ch
Hundreds of Mods in 380+ Repositories for OC v.1.5.x - v.2.3.x
to be found on my Github Site: https://github.com/IP-CAM
Image


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: No registered users and 7 guests