Tech Support Posted July 27, 2018 Share Posted July 27, 2018 Starting from KVS 4.0.0 it is possible to configure that admin panel is available via URL other than /admin. Here is how. Step 1. Open /admin/.htaccess file for editing and uncomment (remove #) the following lines. If you don't have them in your /admin/.htaccess, that's mean that your project was started with earlier version and you simply need to add them at the very end: RewriteCond %{ENV:REDIRECT_STATUS} !200 RewriteCond %{REQUEST_URI} ^/admin RewriteCond %{REMOTE_ADDR} !^88.85.69 RewriteCond %{HTTP:X-REAL-IP} !^88.85.69 RewriteRule ^.*$ - [R=404,L] In the same file comment out (add #) line starting with ErrorDocument 404: #ErrorDocument 404 "404 / not found" NOTE: this configuration is designed to allow KVS support engineers to access your admin panel via standard /admin URL, while all other users including yourself will see 404 error. We will not provide any support if we are not able to access your admin panel via standard /admin URL, so please do not alter this configuration. Step 2. Create a symlink on your server's filesystem pointing from your new folder to the existing /admin folder. You can do that via your server panel or via command line. Via command line you should first CD to your project folder and then execute the following LN command: ln -s admin abcde Step 3. In /admin/include/setup.php add the following line: $config['admin_url']="$config[project_url]/abcde"; Step 4. Now you should be able to access your admin panel only via this URL: http://domain.com/abcde/ You can replace abcde with anything you want. You should get 404 error when you try to access via standard admin panel URL: http://domain.com/admin/ NOTE: In some cases your web server (Apache or Nginx or both) may be configured to disallow using symlinks. If you see 403 errors when trying to access admin panel via the new URL, please ask host support to allow symlinks, otherwise you won't be able to hide admin panel main URL. Quote Link to comment Share on other sites More sharing options...
Tanjiro Posted March 19 Share Posted March 19 Could you please make a little extra tutorial for Nginx too ? Some people don't use Apache Quote Link to comment Share on other sites More sharing options...
Tech Support Posted March 19 Author Share Posted March 19 According to KVS requirements, Apache is required, so all our official documentation only includes Apache. If you not using Apache, it is up to you, but we don't provide support for such configuration. Quote Link to comment Share on other sites More sharing options...
Akash Bhati Posted July 29 Share Posted July 29 Hello, Firstly, the conditions and rules you mentioned are in Apache's mod_rewrite syntax, but Nginx uses a different configuration style. Here is the corresponding setup in Nginx: Quote location /admin { allow 88.85.69.0/24; deny all; error_page 403 =404 /404.html; try_files $uri $uri/ =404; location ~ \.php$ { deny all; } } Let me explain what this does: location /admin: This block applies to any URL path that starts with /admin. allow 88.85.69.0/24; deny all;: These two lines control access to the /admin directory. Only IP addresses in the range 88.85.69.0 to 88.85.69.255 are allowed. All other IP addresses are denied. error_page 403 =404 /404.html;: This changes the error page for forbidden requests (403 errors) to your 404 error page. Replace /404.html with the path to your actual 404 error page. try_files $uri $uri/ =404;: This tries to serve the request as is, or as a directory, and if neither of those exist, it returns a 404 error. location ~ \.php$ { deny all; }: This nested location block matches any PHP file in the /admin directory and denies access to it. However, please be careful as this block will need to be adjusted to fit in with your existing PHP execution configuration, especially if you're using PHP-FPM or similar. In Nginx, the client's IP is taken from the connection itself and not from an HTTP header like HTTP:X-REAL-IP as in your Apache configuration. If you're behind a proxy and want to allow/deny based on the original client IP, you'll need to use the ngx_http_realip_module and define trusted sources to get the real IP. 1 Quote Link to comment Share on other sites More sharing options...
Tanjiro Posted August 25 Share Posted August 25 On 7/29/2023 at 5:17 PM, Akash Bhati said: Hello, Firstly, the conditions and rules you mentioned are in Apache's mod_rewrite syntax, but Nginx uses a different configuration style. Here is the corresponding setup in Nginx: Let me explain what this does: location /admin: This block applies to any URL path that starts with /admin. allow 88.85.69.0/24; deny all;: These two lines control access to the /admin directory. Only IP addresses in the range 88.85.69.0 to 88.85.69.255 are allowed. All other IP addresses are denied. error_page 403 =404 /404.html;: This changes the error page for forbidden requests (403 errors) to your 404 error page. Replace /404.html with the path to your actual 404 error page. try_files $uri $uri/ =404;: This tries to serve the request as is, or as a directory, and if neither of those exist, it returns a 404 error. location ~ \.php$ { deny all; }: This nested location block matches any PHP file in the /admin directory and denies access to it. However, please be careful as this block will need to be adjusted to fit in with your existing PHP execution configuration, especially if you're using PHP-FPM or similar. In Nginx, the client's IP is taken from the connection itself and not from an HTTP header like HTTP:X-REAL-IP as in your Apache configuration. If you're behind a proxy and want to allow/deny based on the original client IP, you'll need to use the ngx_http_realip_module and define trusted sources to get the real IP. Looks like no one care but I do care, thank you for the tutorial 1 Quote Link to comment Share on other sites More sharing options...
phseven Posted September 2 Share Posted September 2 I follow the instructions but get this error Forbidden You don't have permissions to access this resources Quote Link to comment Share on other sites More sharing options...
Tech Support Posted September 4 Author Share Posted September 4 On 9/2/2023 at 5:32 PM, phseven said: I follow the instructions but get this error Forbidden You don't have permissions to access this resources Please create support ticket. Quote Link to comment Share on other sites More sharing options...
Mich Posted September 4 Share Posted September 4 (edited) On 9/2/2023 at 1:32 PM, phseven said: I follow the instructions but get this error Forbidden You don't have permissions to access this resources I hope you took the time to whitelist your IP address with "allow", otherwise it's normal that you're getting this message. You should post your configuration, in case other people have the same issue. Edited September 4 by Mich Quote Link to comment Share on other sites More sharing options...
phseven Posted September 4 Share Posted September 4 Hello No need to open ticket I created symlink using root ,once changed to the owener of files inside admin it worked fine. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.