DJMegabit Posted May 28, 2006 Posted May 28, 2006 Any one can get to my admin panel how do I secure it
Guest Posted May 28, 2006 Posted May 28, 2006 Any one can get to my admin panel how do I secure it It is verry simple. First you will need to create a password file called ( .htpasswd ) you can use any text editor and save it as .htpasswd Follow this link to generate the password file http://www.htaccesstools.com/htpasswd-generator/ Fill out the username you want and password and click on create password file. then you copy and past it to your text editor and save it as .htpasswd Next you will need to make a .htacces file. You can use any text editor, folow this link to make one http://www.htaccesstools.com/htaccess-authentication/ enter the same username you have used for the .htpasswd . Then you will need to enter the full path to your password file (.htpasswd) I will explain you the path in a moment. then you copy and past it to your text editor and save it as .htpaccess How to upload. So now you have 2 files .htpasswd and .htaccess. Just upload them to your server, you will need to upload the . htaccess to folder you want to protect (the admin folder). If you open the admin folder you will see that there is already .htaccess file, just overwrite it. The next step is upload the .htpasswd . I reccoment the make a new folder (For example: password) and upload the .htpasswd to that folder. Don?t upload the .htpasswd the root of your site. If you see that the .htaccess and htpasswd on your server end in .txt or other extensions of your text editor. Just rename them. Ok, about the full path to your .htpasswd. For example if you are hosting with godaddy it will look something like this: /home/content/1/2/3/username/html/Folder_of_password_file/.htpasswd Where "/1/2/3/" are the first three letters of your user name and "username" is the user name you used to set up your hosting account. For example, if your user name were "johndoe," then your absolute path would be: /home/content/j/o/h/johndoe/html/Folder_of_password_file/.htpasswd Check your hosting company for the full path. If done correct this should work
videobus Posted May 29, 2006 Posted May 29, 2006 Most hosting services provide a method to PW protect any directory (folder) on your website. I use www.1and1.com and their control panel allows me to set any folder. You cannot cheat it by entering the path below the PW protected folder. In my case, I told it to PW www.mywebsite.com\admin\ Nobody can access any of the files below admin without the PW.
jeffz Posted May 29, 2006 Posted May 29, 2006 Most hosting services provide a method to PW protect any directory (folder) on your website. I use www.1and1.com and their control panel allows me to set any folder. You cannot cheat it by entering the path below the PW protected folder. In my case, I told it to PW www.mywebsite.com\admin\ Nobody can access any of the files below admin without the PW. try this link (contribution Dec 2005) - http://www.oscommerce.com/community/contri.../download,11341 I have also tried newer versions, but there must be something wrong there, I wasn't able to make it work .... If you make it work - let me know
Guest Posted June 3, 2006 Posted June 3, 2006 It is verry simple. First you will need to create a password file called ( .htpasswd ) you can use any text editor and save it as .htpasswd Follow this link to generate the password file http://www.htaccesstools.com/htpasswd-generator/ Fill out the username you want and password and click on create password file. then you copy and past it to your text editor and save it as .htpasswd Next you will need to make a .htacces file. You can use any text editor, folow this link to make one http://www.htaccesstools.com/htaccess-authentication/ enter the same username you have used for the .htpasswd . Then you will need to enter the full path to your password file (.htpasswd) I will explain you the path in a moment. then you copy and past it to your text editor and save it as .htpaccess How to upload. So now you have 2 files .htpasswd and .htaccess. Just upload them to your server, you will need to upload the . htaccess to folder you want to protect (the admin folder). If you open the admin folder you will see that there is already .htaccess file, just overwrite it. The next step is upload the .htpasswd . I reccoment the make a new folder (For example: password) and upload the .htpasswd to that folder. Don?t upload the .htpasswd the root of your site. If you see that the .htaccess and htpasswd on your server end in .txt or other extensions of your text editor. Just rename them. Ok, about the full path to your .htpasswd. For example if you are hosting with godaddy it will look something like this: /home/content/1/2/3/username/html/Folder_of_password_file/.htpasswd Where "/1/2/3/" are the first three letters of your user name and "username" is the user name you used to set up your hosting account. For example, if your user name were "johndoe," then your absolute path would be: /home/content/j/o/h/johndoe/html/Folder_of_password_file/.htpasswd Check your hosting company for the full path. If done correct this should work
Guest Posted June 3, 2006 Posted June 3, 2006 It is verry simple. First you will need to create a password file called ( .htpasswd ) you can use any text editor and save it as .htpasswd Follow this link to generate the password file http://www.htaccesstools.com/htpasswd-generator/ Fill out the username you want and password and click on create password file. then you copy and past it to your text editor and save it as .htpasswd Next you will need to make a .htacces file. You can use any text editor, folow this link to make one http://www.htaccesstools.com/htaccess-authentication/ enter the same username you have used for the .htpasswd . Then you will need to enter the full path to your password file (.htpasswd) I will explain you the path in a moment. then you copy and past it to your text editor and save it as .htpaccess How to upload. So now you have 2 files .htpasswd and .htaccess. Just upload them to your server, you will need to upload the . htaccess to folder you want to protect (the admin folder). If you open the admin folder you will see that there is already .htaccess file, just overwrite it. The next step is upload the .htpasswd . I reccoment the make a new folder (For example: password) and upload the .htpasswd to that folder. Don?t upload the .htpasswd the root of your site. If you see that the .htaccess and htpasswd on your server end in .txt or other extensions of your text editor. Just rename them. Ok, about the full path to your .htpasswd. For example if you are hosting with godaddy it will look something like this: /home/content/1/2/3/username/html/Folder_of_password_file/.htpasswd Where "/1/2/3/" are the first three letters of your user name and "username" is the user name you used to set up your hosting account. For example, if your user name were "johndoe," then your absolute path would be: /home/content/j/o/h/johndoe/html/Folder_of_password_file/.htpasswd Check your hosting company for the full path. If done correct this should work
Guest Posted June 3, 2006 Posted June 3, 2006 Okee dokee, I created the password file .htpasswd, and the new .htaccess file, and jimminy crickets if it doesn't slap up a password required screen I'll eat my sandwich. However, when I enter the password I used to create the .htpasswd file, and the user name provided (and what exactly is the purpose of giving the would be ne'er do well half of your admin logon?) But I digress, I put in the required info, and it just emptys the input areas and asks for the same infomation again. Being the sharpest tool in the drawer (granted the drawer at my house ain't too deep) here abouts, I thought possibly, I needed to enter the gobbledegook that it provided from the generation process. That didn't work either. What am I doing wrong? Jake It is verry simple. First you will need to create a password file called ( .htpasswd ) you can use any text editor and save it as .htpasswd Follow this link to generate the password file http://www.htaccesstools.com/htpasswd-generator/ Fill out the username you want and password and click on create password file. then you copy and past it to your text editor and save it as .htpasswd Next you will need to make a .htacces file. You can use any text editor, folow this link to make one http://www.htaccesstools.com/htaccess-authentication/ enter the same username you have used for the .htpasswd . Then you will need to enter the full path to your password file (.htpasswd) I will explain you the path in a moment. then you copy and past it to your text editor and save it as .htpaccess How to upload. So now you have 2 files .htpasswd and .htaccess. Just upload them to your server, you will need to upload the . htaccess to folder you want to protect (the admin folder). If you open the admin folder you will see that there is already .htaccess file, just overwrite it. The next step is upload the .htpasswd . I reccoment the make a new folder (For example: password) and upload the .htpasswd to that folder. Don?t upload the .htpasswd the root of your site. If you see that the .htaccess and htpasswd on your server end in .txt or other extensions of your text editor. Just rename them. Ok, about the full path to your .htpasswd. For example if you are hosting with godaddy it will look something like this: /home/content/1/2/3/username/html/Folder_of_password_file/.htpasswd Where "/1/2/3/" are the first three letters of your user name and "username" is the user name you used to set up your hosting account. For example, if your user name were "johndoe," then your absolute path would be: /home/content/j/o/h/johndoe/html/Folder_of_password_file/.htpasswd Check your hosting company for the full path. If done correct this should work
rabbitseffort Posted June 4, 2006 Posted June 4, 2006 as suggested earlier--use your hosts cpanel to password protect the admin directory--very easy, takes 10 seconds to do "I must admit that I personally measure success in terms of the contributions an individual makes to her or his fellow human beings." ---Margaret Mead--- "The answer is never the answer. What's really interesting is the mystery. If you seek the mystery instead of the answer, you'll always be seeking. I've never seen anybody really find the answer -- they think they have, so they stop thinking. But the job is to seek mystery, evoke mystery, plant a garden in which strange plants grow and mysteries bloom. The need for mystery is greater than the need for an answer. --Ken Kesey"
Guest Posted June 4, 2006 Posted June 4, 2006 as suggested earlier--use your hosts cpanel to password protect the admin directory--very easy, takes 10 seconds to do I have tried that but I don't have a cpanel to pw protect from. At least if I do, I can't find it. I am in a shared hosting environment, and the way I understand it, they do not provide for that on the host end. Jake :)
cyrus3740 Posted October 16, 2006 Posted October 16, 2006 Thank you very much! It worked the first time!!!!!!!!!!!!!!!!!!!!! B)
mariush Posted December 3, 2007 Posted December 3, 2007 help needed. i did everything correct. made two files and uploaded it on server. but i wanted to check it. i put wrong password (during first logging). and now i can not see window on the start. so i can not log in there (to admin panel). Where the password is kept? What should i do to see again starting window (with question about LOGIN AND PASSWORD)? Should i delete cookie to see it again?
ggace Posted December 3, 2007 Posted December 3, 2007 I have tried that but I don't have a cpanel to pw protect from. At least if I do, I can't find it. I am in a shared hosting environment, and the way I understand it, they do not provide for that on the host end. Jake :) I am also on shared hosting & they offer Cpanel. The password protect worked just perfect for me. I am also able to create different names so I can see who logged on.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.