|Securing your Administrator Directory|
Securing your administrator CP directory using .htaccess files
To protect your admin panel a bit more against hacking attempts, you can protect your admin CP directory using htaccess files. There are a few options available: restrict access by ip address and password protection.
1. Restrict access by IP Address
If you are in the possession of a static IP Address it might be a wise idea to only allow access to the phpMyDirectory admin panel from that address. This can be easily done in the following way. Create an empty .htaccess file in your admin CP directory. Put the following in it:
Change 10.0.0.150 in your static internet ip address. You can also use partial IP Addresses: 10.0.0
When you visit the admin panel from any other address than the one in here, you will see a 403 Forbidden error.
You can add multiple address by separating them by comma's: 10.0.0.150,10.0.0.151
2. Password protection
You can also create an extra barrier by adding password protection to your admin CP directory. Some admin panels like webmin and cpanel support the creation of password protected directories through their admin panel. For others, these are the steps to follow:
Create an empty file .htaccess in your phpMyDirectory admin CP directory. Put the following in it:
Modify the /full/path/to/phpMyDirectory to match where your site is.
Then create an empty file .htpasswd in the same directory. You will have to enter the user name and encrypted password in that file.
An easy tool to create this line is: http://www.flash.net/cgi-bin/pw.pl and Enter the user name & password and click encrypt.
On the next page you will see the user name and password that will have to be put in the .htpasswd file:
Copy and past that line in your .htpasswd file and things should work. To add another user, encrypt the user name and password and put them on the line below the first one.
|Monday, 10 September 2007|