Page 1 of 1
hide admin
Posted: Wed Oct 20, 2010 11:21 pm
by dashopinstyle
domainname.com/admin
I want to hide this IF someone tries to type in url address bar I want to redirect them to main page.
instead of opening admin login menu.
May be in future release of opencart we can have prefix for admin folder and files so that each user gets a unique admin folder.
or any htaccess edit so that someone enters admin folder in url bar is redirected to main page.
Re: hide admin
Posted: Thu Oct 21, 2010 12:00 am
by mystifier
As a matter of course, in all Open Source applications, I change the default admin path which side-steps the vast majority of probes for next to no effort. It is simply a case of renaming the folder and changing the admin config.php
If someone tries to YourOpencartShop.com/admin, by default, it goes into the front-end shop and is handled correctly with 'The page you requested cannot be found', or whatever polite message you have set in catalog\language\english\error\not_found.php
I like this better, but I guess you could add redirect permanent old_url new_url to .htaccess if you wanted.
Re: hide admin
Posted: Thu Oct 21, 2010 2:20 am
by dashopinstyle
hi
thanks very much
no I think config.php is better option
.htaccess i said because i was unaware of this simple option I will try it now.
please advice which one to rename
http, https, dir
admin is in these three option or we rename all of them.
can we do same with Image folder?
thankyou very much for your help.
Re: hide admin
Posted: Thu Oct 21, 2010 2:44 am
by mystifier
In YourAdmin/config.php, You need to set YourAdmin in:
Code: Select all
// HTTP
define('HTTP_SERVER', 'http://www.YourDomain.com/YourAdmin/');
// HTTPS
define('HTTPS_SERVER', 'http://www.YourDomain.com/YourAdmin/');
// DIR
define('DIR_APPLICATION', '/YourSiteRoot/YourAdmin/');
define('DIR_LANGUAGE', '/YourSiteRoot/YourAdmin/language/');
define('DIR_TEMPLATE', '/YourSiteRoot/YourAdmin/view/template/');
If you don't have HTTPS, it needs to be set the same as HTTP
Obviously, YourAdmin must match the new name of your folder.
Re: hide admin
Posted: Fri Oct 22, 2010 6:51 pm
by dashopinstyle
thanks very much
is there any way we can use to avoid search engine and robots crawling this directory?
other than robot.txt?
or robot.txt is the best option?
Re: hide admin
Posted: Fri Oct 22, 2010 8:13 pm
by mystifier
I use robots.txt:
Code: Select all
User-agent: *
Disallow: /YourAdmin/
Disallow: /system/
I don't know if it is the best, I just replicated what comes with wordpress.
Re: hide admin
Posted: Fri Oct 22, 2010 8:47 pm
by Moggin
I used robots meta tags in the
admin/view/template/common/header.tpl file
Code: Select all
...
<head>
<title><?php echo $title; ?></title>
<meta name="robots" content="noindex, nofollow">
...
As shown here
http://www.robotstxt.org/meta.html
No idea if that is useful,or necessary - that's just what I did.
robots.txt in the root has a slight disadvantage, in that your disallowed folder names can be seen by anyone - though I don't think anyone but the most determined hacker would bother looking
Re: hide admin
Posted: Sat Oct 23, 2010 12:06 am
by dashopinstyle
Great thanks I use robot.txt
but now i will use meta tag very good advice thanks.