View Single Post
  #17  
Old 17 Jun 2009, 03:47
mme42 mme42 is offline
 
Join Date: Feb 2009
Originally Posted by iNRoC View Post
Trick #2: The Dummy Admin Panel

This one goes well with trick #1. Goto your admin panel's login screen,and go to your browsers File-> Save As page, and save the .php file to your HD. Now, open edit out the personal data in that admincp (look around the form data for "hidden" fields), and upload it to a directory on your server. Basically, the idea here is to make a non-functional admincp login page, to fool people into thinking they have the right URL when they really don't.
A few questions. First, exactly what personal data would be edited out? This is going to be an html file then, not php? And, is the idea to use this page as your listed admincp page in the config.php? Or do you have the real ACP in the newly renamed directory in the config and put the fake page in the /admincp folder in case somebody navigates directly to that path?

Originally Posted by jca2112 View Post
For example, a Fake Admin Login page that writes the IP addresses of login attempts to a file and/or email sent to the admin? That would make it easy to be alerted to login attempts and make it easy to ban users/IPs/etc. that go snooping for the Admin Panel.
Originally Posted by iNRoC View Post
Ill make you a page for it soon.
It would be helpful if anybody could do this.

Thanks
Reply With Quote