Jump to content

How to hide access to admin panel


Tech Support
 Share

Recommended Posts

Starting from KVS 4.0.0 it is possible to configure that admin panel is available via URL other than /admin. Here is how.

admin_panel_url.png.98be440ec1220af572948b6a1e60883c.png

 

Step 1. Open /admin/.htaccess file for editing and uncomment (remove #) the following lines. If you don't have them in your /admin/.htaccess, that's mean that your project was started with earlier version and you simply need to add them at the very end:

RewriteCond %{ENV:REDIRECT_STATUS} !200
RewriteCond %{REQUEST_URI} ^/admin
RewriteCond %{REMOTE_ADDR} !^88.85.69
RewriteCond %{HTTP:X-REAL-IP} !^88.85.69
RewriteRule ^.*$ - [R=404,L]

In the same file comment out (add #) line starting with ErrorDocument 404:

#ErrorDocument 404 "404 / not found"

NOTE: this configuration is designed to allow KVS support engineers to access your admin panel via standard /admin URL, while all other users including yourself will see 404 error. We will not provide any support if we are not able to access your admin panel via standard /admin URL, so please do not alter this configuration.

 

Step 2. Create a symlink on your server's filesystem pointing from your new folder to the existing /admin folder. You can do that via your server panel or via command line. Via command line you should first CD to your project folder and then execute the following LN command:

ln -s admin abcde

 

Step 3. In the main /.htaccess file check if you have the following fragment:

RewriteCond %{HTTP_HOST} !^www\.(.*)$
RewriteCond %{REQUEST_URI} !^/admin
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

You should have it if your project URL is www-based. Add additional line to this fragment to exclude /abcde folder:

RewriteCond %{HTTP_HOST} !^www\.(.*)$
RewriteCond %{REQUEST_URI} !^/admin
RewriteCond %{REQUEST_URI} !^/abcde
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

 

Step 4. In /admin/include/setup.php add the following line:

$config['admin_url']="$config[project_url]/abcde";

 

Step 5. Now you should be able to access your admin panel only via this URL:

http://domain.com/abcde/

You can replace abcde with anything you want. You should get 404 error when you try to access via standard admin panel URL:

http://domain.com/admin/

NOTE: In some cases your web server (Apache or Nginx or both) may be configured to disallow using symlinks. If you see 403 errors when trying to access admin panel via the new URL, please ask host support to allow symlinks, otherwise you won't be able to hide admin panel main URL.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...