Some use the obfuscation method - renaming the 'admin' to some other name. I was told it "is a small, very inadequate protective measure. I am in favor of obfuscation, if it makes you feel better, but it is not very effective at really protecting."
I try to have unusual names for all my admin areas.
Another thing I watch is that when I am using my admin area I turn document referrers off, so if I click a link to another site from within my admin area, the location of my admin is not sent in the header request to the website's logs.
Ta
Baz
Cathpros4 (20-12-2009)
Easiest way is to lock down the folder to specific IP address but you would need a fixed IP to avoid locking yourself out.
After that I would suggest blocking IPs after xx failed logins to prevent brute force attacks.
Security by obfuscation is not going to stop anyone really.
Cathpros4 (20-12-2009)
Methods I usually use are below.
1) A very secure password, 10+ characters, Symbols, Letters & Numbers. Change it weekly.
2) Ensure password is case sensitive and use both upper & lower case.
3) Rename the admin directory again to something random & hard to find.
4) Openmind's theory of blocking out IPs after failed logins.
5) Always update your platforms if using open source products.
Cathpros4 (20-12-2009)
Hmm okay!
I agree with the above posts.. just be careful with the IP option as it's easy to lock yourself or your client out which really isn't a fun situation to be in!
I personally don't block out IPs because mine changes regularly to protect that side of things - whilst it's key to create a safe admin area, it's also of utmost importance to protect your computer and internet connections.
By all means follow the other suggestions as they are all correct and useful. I'm just saying we can't forget other areas which require protection.
Regards,
Ally McInnes.
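The failed-login block suggested earlier in the thread, combined with a fixed-IP exemption and a lockout that expires so a mistyped password cannot lock an admin out for good. This is an added example, not code from any poster; the class name, the thresholds and the sample addresses are assumptions.

```python
import ipaddress
import time
from collections import defaultdict, deque


class LoginThrottle:
    """Temporarily block an IP after too many failed admin logins."""

    def __init__(self, max_failures=5, window=600, lockout=900, allowlist=()):
        self.max_failures = max_failures    # the "xx" from the thread; 5 is an assumed value
        self.window = window                # seconds over which failures are counted
        self.lockout = lockout              # seconds a block lasts before it expires
        self.allowlist = [ipaddress.ip_network(n) for n in allowlist]
        self.failures = defaultdict(deque)  # ip -> timestamps of recent failures
        self.blocked_until = {}             # ip -> time at which the block ends

    def _allowlisted(self, ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in self.allowlist)

    def is_blocked(self, ip, now=None):
        """Check this before even looking at the submitted password."""
        now = time.time() if now is None else now
        until = self.blocked_until.get(ip)
        if until is None:
            return False
        if now >= until:                    # block has expired: forget it
            del self.blocked_until[ip]
            return False
        return True

    def record_failure(self, ip, now=None):
        """Call after a wrong password; returns True if the IP is now blocked."""
        now = time.time() if now is None else now
        if self._allowlisted(ip):
            return False                    # the fixed admin IP is never locked out
        recent = self.failures[ip]
        recent.append(now)
        while recent and now - recent[0] > self.window:
            recent.popleft()                # drop failures that fell out of the window
        if len(recent) >= self.max_failures:
            self.blocked_until[ip] = now + self.lockout
            recent.clear()
        return self.is_blocked(ip, now)

    def record_success(self, ip):
        self.failures.pop(ip, None)         # a good login resets the counter
```

State here lives in memory for a single process; a site running several workers would keep the same counters in a shared store.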
**SNIP***
Yeah, it's still a pain in the arse though!