esurge Posted November 25, 2003 Posted November 25, 2003 Help please I have set up alot of info on my website. The main problem I have now is that every one can access the admin page. I need to make it SSL and Password Secure. I have read another thread concerning SSL but I have tried it and it does not work. I do have SSL as the check out works and in SSL mode Please help. I am woried the longer i leave it then there might be a chance that someone will access the asmin area and screw up my hard work :o :o :o :o :o
jrwrestling Posted November 25, 2003 Posted November 25, 2003 You can set your password for the admin in the file titled .htaccess
Patrick_B Posted November 26, 2003 Posted November 26, 2003 I am pretty new at this and I opened the .htaccess file in an edditor but could not figure out where or how to add a password # $Id: .htaccess,v 1.1 2003/06/20 00:18:30 hpdl Exp $ # # This is used with Apache WebServers # # For this to work, you must include the parameter 'Options' to # the AllowOverride configuration # # Example: # # <Directory "/usr/local/apache/htdocs"> # AllowOverride Options # </Directory> # # 'All' with also work. (This configuration is in the # apache/conf/httpd.conf file) # The following makes adjustments to the SSL protocol for Internet # Explorer browsers <IfModule mod_setenvif.c> <IfDefine SSL> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </IfDefine> </IfModule> # Fix certain PHP values #<IfModule mod_php4.c> # php_value session.use_trans_sid 0 # php_value register_globals 1 #</IfModule> This is the contents hope someone can help.
mortsahl Posted November 26, 2003 Posted November 26, 2003 You do need to secure your admin, but until you get .htaccess figured out, a simple, only semi-secure, but better than nothing way to keep people out of your admin area is to change the name of your admin directory. Instead of having it named admin, rename it to something like t3gic902acq -- something like that would be diverse enough to keep people out. In your newly renamed admin directory you'll have to edit configure.php is it knows about the new name.
esurge Posted December 1, 2003 Author Posted December 1, 2003 hello, Thank you for your replys. I have htaccess. (sorry I did not say before) however I would like the admin are to run under SSL. When I try to access the admin area via my SSL Link it works BUT on on the first page. When I click on another link then I go back to normal HTTP. Jazz
Recommended Posts
Archived
This topic is now archived and is closed to further replies.