 |
|
|
Article Options |
|
Protecting forum parts by htaccess
by
05 Jan 2010
Rating:
 (2 votes
- 5.00 average) I just found a thread about protecting Admin Panel via htaccess. It is usable and +1 for the author, but... The thing is, it supports only one login which need to be shared, if you have more admins, or, you want to protect Moderator panel too and have more than one moderator. So after every staff change, you need to change your pass and tell everybody, there is a new password. Second thing, you need to edit existing vbulletin files, so, you probably need to edit them over and over again after every vBulletin update. AND the third thing, that password are plain-text stored, which is not good at all. Once again, i dont want insult that thread author, but, i just want share my way, how to do it more "sophisticated" AND secure  1) Create a files named .htaccess and .htpasswd (if you using Windows and get error message, create a htaccess.txt and htpasswd.txt files for now) 2) In htaccess add:
- You need to set a correct path, so, you can get it easilly like this: 2a) Create a new file and add code:3) Now you need to set up some usernames nad hashed passwords. I recomanded THIS page. It rly helps you. Just insert your username and password (that name and pass, what you want to use for protecting your files) and click on "Create Password". So for example we use username Anton and passsword whiteglass and we get this:
and thats exactly what we need, so we just copy&paste this into .htpasswd file. By the way, you can add more users into .htaccess file. Just generate more name/pass and add them, one on each row. So you can use your own name and pass, and your co-admin another username and password. Or if you protecting your modcp directory, you can create specific login for each moderator 4) Save both files and upload them on your server. 5) Now, try to access your admincp. You shoud get a small window popped up. If not, you did something wrong and you need to start over. BTW: If you used htaccess.txt and htpasswd.txt names, you need to rename them after upload. The correct names are .htaccess and .htpasswd WITH that DOT on start! Dont forget to delete that info.php file Hope it helps Yea, and sorry for my english, i'm from Czech republic Holy The following members like this post: FReeSTER
Last edited by HolyKiller; 05 Jan 2010 at 23:57.. |
||||||||||||||||
|
Views: 13617
|
||||||||||||||||
| Comments |
|
#2
06 Jan 2010, 00:02
|
|||
|
|||
|
If you already using the second way, make sure you revert your index files back to original vBulletin first
No members have liked this post.
|
|
#3
07 Jan 2010, 04:35
|
||||
|
||||
|
Thanks, this way is a little nicer then the current way I am, plus I like how the passwords are not in plain text anymore.
__________________
Gamerz Needs - For All Your Gaming Needs! No members have liked this post.
|
|
#4
07 Jan 2010, 14:18
|
|||
|
|||
|
On a small side note never put .htpasswd in a place that is world readable it should go before the directory where you place your webcontent, most systems will allow this or have even a special place for it.
If your lazy like me there is a program called Deadlock that will use a database and normal htaccess and htpasswd files to grant access to it. No members have liked this post.
|
|
#5
08 Jan 2010, 15:50
|
||||
|
||||
|
nice one for users who have no access to make fire walls
No members have liked this post.
|
|
#6
14 Sep 2010, 07:29
|
|||
|
|||
|
Thanks dir
No members have liked this post.
|
|
#7
08 Nov 2010, 13:18
|
|||
|
|||
|
Nice simple article for new users like me. Anyway thanks.
No members have liked this post.
|
|
#8
17 Sep 2011, 17:59
|
|||
|
|||
|
Thank you mate, I will try this
No members have liked this post.
|
|
#9
23 Sep 2011, 18:07
|
||||
|
||||
|
I've always liked these as well:
.htaccess password protect a single File: http://webdesign.about.com/od/htacce...ord_1_file.htm .htaccess password protect a Folder: http://webdesign.about.com/od/htacce...hthtaccess.htm .htaccess authentication generator: http://www.htaccesstools.com/htaccess-authentication/ .htaccess password generator: http://www.htaccesstools.com/htpasswd-generator/
__________________
Daddy Does Dios and Figs! *I no longer provide vBulletin Services (No PM's, please). Search - Use the search feature to find similar issues/answers. Information - Include screenshots, copy/pasted error codes, url etc. Fixed - Please return to your thread/post and let us know how it was fixed! Thanks - For participating! Click the "Like" ♥ on a post if someone helped you! No members have liked this post.
|
|
#10
27 Oct 2012, 03:22
|
||||
|
||||
|
It is really the best protection for all website owners
Thanks a lot
__________________
AdSense revenue sharing 100% - [ Hanan ] News, egypt : أخبار مصر - Photo, picture : صور No members have liked this post.
|
|
#11
24 Mar 2013, 18:00
|
||||
|
||||
|
thanks man
nice topic No members have liked this post.
|
|
#12
01 Jun 2014, 02:47
|
|||
|
|||
|
What you mentioned didn't work, unless the part where it says "/*link.to.your.protected.dir*/" is supposed to have "mywebsite.com/admincp."
__________________
DNN No members have liked this post.
|
|
#13
01 Jun 2014, 03:08
|
|||
|
|||
|
This can be done from any cpanel without all this extra work
No members have liked this post.
|
|
«
Previous Article
|
Next Article
»
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Article Options | |
|
|
| New To Site? | Need Help? |
All times are GMT. The time now is 19:21.
Powered by vBulletin® Version 3.8.14
Copyright © 2023, MH Sub I, LLC dba vBulletin. All Rights Reserved. vBulletin® is a registered trademark of MH Sub I, LLC
Copyright © 2023, MH Sub I, LLC dba vBulletin. All Rights Reserved. vBulletin® is a registered trademark of MH Sub I, LLC
Design by Princeton
Copyright ©2001 - , vbulletin.org. All rights reserved.
vBulletin® is a registered trademark. 