Page 1 of 1

hide admin

Posted: Wed Oct 20, 2010 11:21 pm
by dashopinstyle

I want to hide this IF someone tries to type in url address bar I want to redirect them to main page.
instead of opening admin login menu.

May be in future release of opencart we can have prefix for admin folder and files so that each user gets a unique admin folder.

or any htaccess edit so that someone enters admin folder in url bar is redirected to main page.

Re: hide admin

Posted: Thu Oct 21, 2010 12:00 am
by mystifier
As a matter of course, in all Open Source applications, I change the default admin path which side-steps the vast majority of probes for next to no effort. It is simply a case of renaming the folder and changing the admin config.php

If someone tries to, by default, it goes into the front-end shop and is handled correctly with 'The page you requested cannot be found', or whatever polite message you have set in catalog\language\english\error\not_found.php

I like this better, but I guess you could add redirect permanent old_url new_url to .htaccess if you wanted.

Re: hide admin

Posted: Thu Oct 21, 2010 2:20 am
by dashopinstyle
thanks very much
no I think config.php is better option
.htaccess i said because i was unaware of this simple option I will try it now.

please advice which one to rename

http, https, dir
admin is in these three option or we rename all of them.
can we do same with Image folder?

thankyou very much for your help.

Re: hide admin

Posted: Thu Oct 21, 2010 2:44 am
by mystifier
In YourAdmin/config.php, You need to set YourAdmin in:

Code: Select all

define('HTTP_SERVER', '');

define('HTTPS_SERVER', '');

// DIR
define('DIR_APPLICATION', '/YourSiteRoot/YourAdmin/');
define('DIR_LANGUAGE', '/YourSiteRoot/YourAdmin/language/');
define('DIR_TEMPLATE', '/YourSiteRoot/YourAdmin/view/template/');
If you don't have HTTPS, it needs to be set the same as HTTP

Obviously, YourAdmin must match the new name of your folder.

Re: hide admin

Posted: Fri Oct 22, 2010 6:51 pm
by dashopinstyle
thanks very much

is there any way we can use to avoid search engine and robots crawling this directory?
other than robot.txt?
or robot.txt is the best option?

Re: hide admin

Posted: Fri Oct 22, 2010 8:13 pm
by mystifier
I use robots.txt:

Code: Select all

User-agent: *
Disallow: /YourAdmin/
Disallow: /system/
I don't know if it is the best, I just replicated what comes with wordpress. ;)

Re: hide admin

Posted: Fri Oct 22, 2010 8:47 pm
by Moggin
I used robots meta tags in the admin/view/template/common/header.tpl file

Code: Select all

<title><?php echo $title; ?></title>
<meta name="robots" content="noindex, nofollow">
As shown here

No idea if that is useful,or necessary - that's just what I did.

robots.txt in the root has a slight disadvantage, in that your disallowed folder names can be seen by anyone - though I don't think anyone but the most determined hacker would bother looking :D

Re: hide admin

Posted: Sat Oct 23, 2010 12:06 am
by dashopinstyle
Great thanks I use robot.txt
but now i will use meta tag very good advice thanks.