i'd love a way to have a separate login directory for staff and admin
http://demo.opencart.com/admin-secret-location/
http://demo.opencart.com/staff/
it would be one more step to keep unwanteds out of the admin area
thanks
Not new. Interpose directory passwording on the server, with its own user/pass, until the challenge is satisfied the admin log-in screen is not accessible. After that, OC itself takes care of admin levels by assigning "users" (admins) to "user groups" (admin groups). Many, probably most hosts' control panels provide for doing that without inserting .htaccess or other .ht* files manually for the purpose. Rename admin/ (ditto download/) and tell config.php files about that, flush vqmod cache if there is one, proceed. The two steps together prevent even getting to admin/ after possibly even guessing renamed/.
At this juncture there are quite a few even quite recent posts on just that.
At this juncture there are quite a few even quite recent posts on just that.
When it's renamed they won't know where it is, without substantial computer savvy. At the log-in they won't know where it is. Once they log in, they'll see only what their preset permissions allow as users (admins) among user groups (admin levels).
If you do not want staff to know where the admin directory is, the best solution I could provide would be by creating a ReWriteRule setting in your .htaccess so it would hide the original folder location on the URL.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Perhaps most of us contemplating the problem, it would be a problem, of having a staff of "unwanteds" would not imagine changing or bothering to change the shopping cart in order to fix the problem. The admin permissions already provide the counterpart to having three or more differently notched car keys so as to keep valets out of glove boxes, trunks, etc.. If you have them tied to doing data entries, then you can set their admin permissions, but if they're "unwanteds" then you would actually be best off either letting them stuff raw product or other entries into a spreadsheet for the sake of export by your own hand into OC, or letting them go (poof). Any staff who would be bent upon mischief based upon directory names would find ways to do mischief based upon computers and files right in front of them.
Who is online
Users browsing this forum: No registered users and 3 guests
