Joomla-addons.org, components, mambots, plugins and modules for Joomla!
Home | Contact | Demo
 
Go!
 
 
Securing your administrator directory using .htaccess files

ImageTo protect your administrator panel a bit more against hacking attempts, you can protect your administrator directory using htaccess files. 

There are a few options available: restrict access by ip address and password protection

Restrict access by IP Address

If you are in the possession of a static IP Address it might be a wise idea to only allow access to the Joomla! administrator panel from that address. This can be easily done in the following way. Create an empty .htaccess file in your administrator directory. Put the following in it:
<Limit GET>
    Order Deny,Allow
    Deny from all
    Allow from 10.0.0.150
</Limit>

Change 10.0.0.150 in your static internet ip address. You can also use partial IP Addresses: 10.0.0
When you visit the admin panel from any other address than the one in here, you will see a 403 Forbidden error.

You can add multiple address by separating them by comma's: 10.0.0.150,10.0.0.151

Password protection

You can also create an extra barrier by adding password protection to your administrator directory. Some admin panels like webmin and cpanel support the creation of password protected directories through their admin panel. For others, these are the steps to follow:
Create an empty file .htaccess in your Joomla! administrator directory. Put the following in it:

AuthType Basic
AuthName "Joomla Administrator"
AuthUserFile /full/path/to/joomla/administrator/.htpasswd
<Limit GET>
require valid-user
</Limit>

Modify the /full/path/to/joomla to match where your site is.

Then create an empty file .htpasswd in the same directory. You will have to enter the user name and encrypted password in that file. An easy tool to create this line is: http://www.flash.net/cgi-bin/pw.pl. Enter the user name and password and click encrypt.
On the next page you will see the user name and password that will have to be put in the .htpasswd file:
admin:1M8rRxU7VA6Ic

Copy and past that line in your .htpasswd file and things should work. To add another user, encrypt the user name and password and put them on the line below the first one.
 
< Prev
 
Would you like to receive updates of new releases or other news? Enter your details below:
Joomla-addons.org © 2006 | www.bandhosting.nl | JCD-A Member | Newsletter | Sitemap |