For hidding the /admin "route" in the webserver you have to make the web server rewrite the incoming URL:
- for Apache, you use the mod_rewrite module: http://www.google.com/search?q=apache+mod_rewrite - for lighttpd, you use also it's own mod_rewrite module: http://trac.lighttpd.net/trac/wiki/Docs%3AModRewrite - for others, you read the docs The idea is to do two rewrites (from "external" URLs to "internal" URLs): - from "/admin" to "/this-does-not-exist" - from "/my-new-admin" to "/admin" And you are done! (tm) /AITOR On Dec 21, 2007 3:05 AM, Richard Hurt <[EMAIL PROTECTED]> wrote: > Ok, but what about changing the /admin route to something else? Like I > said, it's not much but it might keep the script kiddies away. > > Thanx! > Richard > > On Dec 19, 2007 11:08 PM, Sean Cribbs <[EMAIL PROTECTED]> wrote: > > > Richard, > > > > I would use your webserver's capabilities to restrict requests to that > > path to be over SSL. I believe this is fairly easy to do with Apache, > > and I have a vague idea of how to do it with nginx. Unfortunately, I > > don't do it that often and so I can't provide you any snippets. > > > > Sean > > > > Richard Hurt wrote: > > > Now that I have my Radiant powered site up and running (thank you very > > > much!) I am getting a bit anxious about the /admin page being exposed > to > > the > > > world. Not that I'm a big target or anything, but I really don't want > > to > > > have to depend on my password skills to make sure my site stays the > way > > it > > > is. What I would like to do is two fold. > > > > > > First I want to for the /admin page to be SSL only. What's the best > way > > to > > > go about this? I am going to have a self signed certificate for now > as > > it's > > > only me doing the editing, but I would like to keep the editing > sessions > > > private. At the very least I have to secure the initial logon page, > > even if > > > I don't secure the entire /admin/... route. > > > > > > Second I would like to change the admin route from /admin to something > > else, > > > maybe /edit, or /blahblah. What's the best|easiest way to do this? I > > know > > > security by obscurity is no security at all, but I would like to at > > least > > > give the script kiddies something to chew on. :) > > > > > > Thanx! > > > Richard > > > > > > P.S. I apologize if this is in the Wiki - I searched but couldn't find > > > anything on it. I'll update the Wiki if I get it working. How's > that? > > :) > > > _______________________________________________ > > > Radiant mailing list > > > Post: Radiant@lists.radiantcms.org > > > Search: http://radiantcms.org/mailing-list/search/ > > > Site: http://lists.radiantcms.org/mailman/listinfo/radiant > > > > > > > > > > _______________________________________________ > > Radiant mailing list > > Post: Radiant@lists.radiantcms.org > > Search: http://radiantcms.org/mailing-list/search/ > > Site: http://lists.radiantcms.org/mailman/listinfo/radiant > > > _______________________________________________ > Radiant mailing list > Post: Radiant@lists.radiantcms.org > Search: http://radiantcms.org/mailing-list/search/ > Site: http://lists.radiantcms.org/mailman/listinfo/radiant > _______________________________________________ Radiant mailing list Post: Radiant@lists.radiantcms.org Search: http://radiantcms.org/mailing-list/search/ Site: http://lists.radiantcms.org/mailman/listinfo/radiant
