Best Way to Secure Your AdminCP

jonah

Регистрация
16.04.16
Сообщения
5
Симпатии
0
#1
I have found that this is the absolute best way to secure your AdminCP. It's a simple code that is added to the top of your admin.php file.

Basically what it does, is if a person's IP address isn't whitelisted, it automatically redirects them to any chosen URL, which is impossible to get passed (unless editing the file obviously)

This isn't very practical if your Administators log in from several different IP's or their IP's change frequently, so make sure you talk it over with anyone that has access to the AdminCP.

On with the code!

Place this code at the top of your admin.php file, above EVERYTHING.
Код:
<?php $allow = array("127.0.0.1", "127.0.0.2" );
if(!in_array($_SERVER['REMOTE_ADDR'], $allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow)) {
    header("Location: http://www.example.com");
    exit();
} ?>
Replace the two IP addresses above with your IP and another IP, or just simply delete the second one, including the comma.

If you do not know your IP address, you can find it at

Пожалуйста, войдите или зарегистрируйтесь для просмотра текста.

(Thank you Floris)

Change example.com to the URL of your choice, and it will automatically start redirecting for those who are not whitelisted!

To add an IP address, just simply follow the same pattern as the first two. "#", "#",