We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

htaccess protect admin directory?[Solved] | Forum

Topic location: Forum home » Support » General Questions
Marcus Nov 16 '14
I want to protect my admin directory with htaccess IP filter but don't know where to put the file? You know that only the chosen IP address will have the access!
The Forum post is edited by ross Nov 20 '14
ross Team
ross Nov 17 '14

are you referring to the site.com/admin?

if so, then it is not a directory it's a route.

What exactly do you want to achieve?

You can just change the route from site.com/admin to something like site.com/adladk or anything you like.
Marcus Nov 17 '14
How to change the route please sorry I am new to this software?

I just want to keep curious from able to even access example(dot)com/admin
The Forum post is edited by Marcus Nov 17 '14
tammy harris
tammy harris Nov 17 '14
most scripts let you change the path to admin to help stop hackers try to break in 
and leaves the dummy login in admin address that logs attempts at trying to login there 

time date ip address etc 

so you can lock that ip from your sever 

ross Team
ross Nov 17 '14
Marcus, I really don't understand why do you want to do this. 

Because anytime a guest types in the URL site.com/admin he/she gets redirected to the sign-in page

And if a logged in member does that, the page just refreshes. 

Anyway, you can change the route here: ow_system_plugins/admin/init.php

You need to change  admin word to whatever you like. 

The Forum post is edited by ross Nov 19 '14
Marcus Nov 18 '14
I am sorry guys. I just don't want site.com/admin to show log in page if the user IP address is not mine. To change the route.looks a bit complicated have to change tons of values.
ross Team
ross Nov 18 '14
What do you want to show then if not sign-in form?
The Forum post is edited by ross Nov 18 '14
Marcus Nov 18 '14
If the IP address that is trying to view the site.com/admin is not mine or the one I choose show "prohibited access"
ross Team
ross Nov 19 '14

RewriteCond %{REMOTE_HOST} !^

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteCond %{REQUEST_URI} ^.*admin.*$

RewriteRule (.*) http://site.com/index [R=302,L]

We do not recommend you to change htaccess file:

1. because you can break some software functionality with these conditions and rules

2. all changes will be overwritten while next update, which is why it is better to do that via php plugin which will have 301 permanent redirect

tammy harris
tammy harris Nov 19 '14
ross will that only allow ip

to be able to view admin area 
ross Team
ross Nov 19 '14
Yes, correct, just change it to your IP address 
tammy harris
tammy harris Nov 19 '14
way cool you rock ross 

dose site.com need be changed as well
The Forum post is edited by tammy harris Nov 19 '14
Marcus Nov 20 '14
Tanks buddy you are awesome :)
ross Team
ross Nov 20 '14
Tammy yes, of course, you need to change it to your domain name and you can use redirect not only to index page but to the custom page your created via admin panel or some other html page you created and placed on the server. 

Marcus, I'm going to mark this thread as Solved