Post by drubique » Fri Jun 25, 2010 1:35 am

If a visitor knows the OpenCart store system they can add '/admin' to the URL address and get to the backend login page. This is the same with Joomla which is considered a high potential security risk.

The Joomla solution is to add the 'jsecure' module which lets you add a secret password onto the URL; so that http://www.mysite.com/administrator becomes http://www.mysite.com/administrator/?secretword - now only the owner can dial up the admin login page.

http://extensions.joomla.org/extensions ... rity/12254

A simple module like this adds 'huge peace of mind' to store owners!

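The secret-word gate described in the post above, sketched in PHP as an added example (not jSecure or OpenCart code; the function name, session key and secret value are assumptions). It only hides the login page; the normal admin login still has to authenticate the user.

```php
<?php
// Added example, not OpenCart or jSecure code.
// Placeholder secret (constructed); keep the real value in config outside the web root.
// Use letters and digits only: PHP rewrites dots and spaces in query keys to underscores.
const ADMIN_SECRET_WORD = 'ReplaceWithLongRandomWord';

/**
 * Decide whether a request may be shown the admin login page.
 * $query is the parsed query string (normally $_GET); $session is the
 * session array (normally $_SESSION) and is updated when the gate opens.
 */
function admin_gate_allows(array $query, array &$session, string $secret): bool
{
    // Gate already opened earlier in this session: later admin requests
    // (form posts, redirects) do not need the word in the URL again.
    if (!empty($session['admin_gate_ok'])) {
        return true;
    }
    // The form in the post is /admin/?secretword, a bare key with no value.
    foreach (array_keys($query) as $key) {
        // Keys that look numeric arrive as int, hence the cast.
        // hash_equals() compares in constant time.
        if (hash_equals($secret, (string) $key)) {
            $session['admin_gate_ok'] = true;
            return true;
        }
    }
    return false;
}

if (PHP_SAPI === 'cli') {
    // Constructed sample requests, run from the command line.
    $session = [];
    var_dump(admin_gate_allows([], $session, ADMIN_SECRET_WORD));
    var_dump(admin_gate_allows(['guess' => ''], $session, ADMIN_SECRET_WORD));
    var_dump(admin_gate_allows([ADMIN_SECRET_WORD => ''], $session, ADMIN_SECRET_WORD));
    var_dump(admin_gate_allows([], $session, ADMIN_SECRET_WORD)); // same session, no word
} else {
    // Web use: place at the very top of the admin entry script.
    session_start();
    if (!admin_gate_allows($_GET, $_SESSION, ADMIN_SECRET_WORD)) {
        // Answer as if the path did not exist.
        http_response_code(404);
        exit;
    }
}
```

Because the word travels in the URL, it is recorded in server access logs and browser history.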

Post by Xsecrets » Fri Jun 25, 2010 4:52 am

If you are that worried about it there are simple instructions on the forum on how to rename the admin folder.


Post by drubique » Fri Jun 25, 2010 5:24 am

Xsecrets wrote: If you are that worried about it there are simple instructions on the forum on how to rename the admin folder.

It's a suggestion, as per the forum topic, for future development for OC as I am a keen supporter of the project.

If it was an issue then I would have posted this in the 'support' forum!!


Post by JAY6390 » Mon Jun 28, 2010 12:30 am

Something to be considered, I guess, although renaming the folder gives just as much security, if not more, as with your version it's still susceptible to CSRF attacks, but folder renaming does not have this issue.


Post by SteveSherry » Mon Jun 28, 2010 4:56 am

I'm a fan of renaming the admin folder.....
or better still, just run it on a localhost, this way there can be no unauthorised access.


Post by JAY6390 » Mon Jun 28, 2010 6:14 am

Very good suggestion, all that's needed is a db that allows remote access and Robert's your mother's brother...


Post by i2Paq » Mon Jun 28, 2010 6:24 am

Yep, and then your PC crashes or your internet line fails and there is no other place to access your BO.......
Out the door goes the freedom of access and cloud-working.

Norman in 't Veldt
Moderator OpenCart Forums


Post by SteveSherry » Mon Jun 28, 2010 6:35 am

i2Paq wrote: Yep, and then your PC crashes or your internet line fails and there is no other place to access your BO.......
Out the door goes the freedom of access and cloud-working.

I totally agree, but there are people in the world who are too scared to go out of their front door......

.....each to his own (or her own)


Post by JAY6390 » Mon Jun 28, 2010 6:38 am

Of course, if you have access to the internet, you can always download another copy of OC and use the BO from that :)
