Renaming admin.php

9 posts by 5 authors in: Forums > CMS Builder
Last Post: March 15, 2015   (RSS)

Hello,

I have just upgraded to v. 2.63 (Build 1092) and I can see that there are some custom generated security recommendations. One of the suggestions is below:

  • Rename admin.php to something unique such as admin_0457e78cb8c1a18b3abd.php

Can someone please tell me how to rename admin.php without breaking the cmsAdmin URL? I have tried renaming the file but then cmsAdmin does not load.

Thank you,

Greg

By claire - December 1, 2014

Hi Greg

You should be able to access the URL like so:

www.yoursite.com/cmsAdmin/admin_0457e78cb8c1a18b3abd.php

You only need to include the new name of the admin file at the end of the URL and it should work fine.

--------------------

Claire Ryan
interactivetools.com

Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/

Hi Claire,

Thanks for the reply.

Is the redirect from /cmsAdmin meant to stop working? Is that part of the security improvement? it would make sense if it is.

I was originally thinking that /cmsAdmin would redirect to the newly named admin_RANDOMCHARS.php but perhaps that would defeat the purpose of renaming the file...!

Thanks,

Greg

By claire - December 1, 2014

It would, yes :) I can check with Dave but I'm pretty sure it's a security feature. It forces the user to have the precise URL for that particular install before they're allowed access to the back end.

--------------------

Claire Ryan
interactivetools.com

Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/

By Twocans - March 7, 2015

Hi yea,
I have tried what was mentioned but maybe I have misinterpreted things

OK This is where my admin is at present and ti works a treat.

http://123.123.123.123/~lpc/fay-cms/admin.php

Thus following your advice I go to General Settings > program url and past the following

http://123.123.123.123/~lpc/fay-cms/admin_0457e78cb8c1a18b3abd.php

I click save. I logout and try the link

http://123.123.123.123/~lpc/fay-cms/admin_0457e78cb8c1a18b3abd.php

But it takes me no where.

Can you tell me where do I include or stick the _0457e78cb8c1a18b3abd (dont be rude lol)

I have tried not changing the  General Settings > program url and then navigating to

http://123.123.123.123/~lpc/fay-cms/admin_0457e78cb8c1a18b3abd.php

but this does not work either.

regards

Kenny

By Dave - March 8, 2015

Hi Kenny, 

Try just connecting with FTP and renaming admin.php to something else.  Then entering that url in the browser, eg: /fay-cms/fay-admin-1234.php

Once you do that everything should just work and the CMS should automatically update the "Program Url" value in the admin settings.

Hope that helps!  Let me know any questions.

Dave Edis - Senior Developer
interactivetools.com

By Twocans - March 9, 2015

Haha,
I feel so so stupid haha,

good morning

k

By Dave - March 15, 2015

Hi Tom, 

Some servers have a module called "mod_security" which urls when they contain certain character sequences.  Last time we investigated we found that mod_security doesn't block some urls that start with admin.php.  

So the solution is either don't rename admin.php or ask your host to disable mod_security for the cms folder.  And if you get strange 403 errors at various points, that's probably mod_security as well, so ask your host to disable it if that happens.

Hope that helps!

Dave Edis - Senior Developer
interactivetools.com