charles Posted February 10, 2003 Share Posted February 10, 2003 To all of you with a lot more working experience. From a security standpoint, what is the best location for the admin folder, at peer level with the catalog folder webroot --- 'catalog' --- 'admin' or within the catalog folder webroot --- catalog files ---' admin' which, except for a webroot index/default file to redirect to 'catalog', would basically be the same as webroot --- 'catalog' ------ 'admin' or does it matter? We stand in ignorance only for questions not asked. Plug up the leaks in your knowledge base and open up a flood of understanding. Link to comment Share on other sites More sharing options...
mattice Posted February 11, 2003 Share Posted February 11, 2003 Not sure wether there are security benefits but I prefer it root level. Just because of the clearness, I don't like private dirs that are nested in public dirs. Since all restrictions you can use are on directory level (htaccess, apache config) it doesn't really matter I think. Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
Guest Posted February 11, 2003 Share Posted February 11, 2003 1.put your admin folder into your catalog. You have to link from your admin panel into your catalog and thats the simplest way -> ../ 2. use .htaccess (safest and best you can do) Link to comment Share on other sites More sharing options...
charles Posted February 11, 2003 Author Share Posted February 11, 2003 I'm not sure but I think I just got two diametric opinions?!? :lol: Anyone else? We stand in ignorance only for questions not asked. Plug up the leaks in your knowledge base and open up a flood of understanding. Link to comment Share on other sites More sharing options...
Guest Posted February 11, 2003 Share Posted February 11, 2003 better than none :D Link to comment Share on other sites More sharing options...
mattice Posted February 11, 2003 Share Posted February 11, 2003 Well, mine was trying to answer your actual question :) It does not matter from a security perspective, or at least I was unable to find any comments saying it would (just searched on it) it's just what you prefer. I prefer to have /admin and /catalog instead of /catalog/admin. HTH Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
mattice Posted February 11, 2003 Share Posted February 11, 2003 PS: Having it like my preference does not affect the cart in any way, nor any link from the admin AFAIK Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
charles Posted February 12, 2003 Author Share Posted February 12, 2003 Thanks, Since I just lost my hard drive :roll: along with weeks of work, :cry: not only OSC but also :x ..., (and no, I didn't have a backup! :oops: ) I thought I'd try and do it "right" this time, :wink: having learned from a lot of mistakes :idea: (yes, I now have an external, removable 80 gig usb backup drive :lol: ). It makes sense not to have admin in the catalog just in case someone hacks the security. We stand in ignorance only for questions not asked. Plug up the leaks in your knowledge base and open up a flood of understanding. Link to comment Share on other sites More sharing options...
mugitty Posted February 12, 2003 Share Posted February 12, 2003 I'll put in my 2 cents and say that I have to agree with Mattice. Making your admin at root level completely separate from the catalog also allows you to name it "mystupidpettricks" or whatever you want and not have it be plainly evident that it is associated with the catalog in any way. ... if you want to REALLY see something that doesn't set up right out of the box without some tweaking, try being a Foster Parent! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.