Best Way to Secure Your AdminCP
I have found that this is the absolute best way to secure your AdminCP. It's a simple code that is added to the top of your admin.php file.
Basically what it does, is if a person's IP address isn't whitelisted, it automatically redirects them to any chosen URL, which is impossible to get passed (unless editing the file obviously)
This isn't very practical if your Administators log in from several different IP's or their IP's change frequently, so make sure you talk it over with anyone that has access to the AdminCP.
On with the code!
Place this code at the top of your admin.php file, above EVERYTHING.
Replace the two IP addresses above with your IP and another IP, or just simply delete the second one, including the comma.
If you do not know your IP address, you can find it at http://www.whatismyip.com/ (Thank you Floris)
Change example.com to the URL of your choice, and it will automatically start redirecting for those who are not whitelisted!
To add an IP address, just simply follow the same pattern as the first two. "#", "#",
I wish you success.
I have found that this is the absolute best way to secure your AdminCP. It's a simple code that is added to the top of your admin.php file.
Basically what it does, is if a person's IP address isn't whitelisted, it automatically redirects them to any chosen URL, which is impossible to get passed (unless editing the file obviously)
This isn't very practical if your Administators log in from several different IP's or their IP's change frequently, so make sure you talk it over with anyone that has access to the AdminCP.
On with the code!
Place this code at the top of your admin.php file, above EVERYTHING.
Kod:
<?php $allow = array("127.0.0.1", "127.0.0.2" );
if(!in_array($_SERVER['REMOTE_ADDR'], $allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow)) {
header("Location: http://www.example.com");
exit();
} ?>Replace the two IP addresses above with your IP and another IP, or just simply delete the second one, including the comma.
If you do not know your IP address, you can find it at http://www.whatismyip.com/ (Thank you Floris)
Change example.com to the URL of your choice, and it will automatically start redirecting for those who are not whitelisted!
To add an IP address, just simply follow the same pattern as the first two. "#", "#",
I wish you success.