Please select To the mobile version | Continue to access the desktop computer version
| |
| | |


 Forgot password?
View: 4298|Reply: 1
Collapse the left

How to block non-admin direct access to admin.php page

  [Copy link]


Post time: 2015-2-18 18:03
| Show all posts |Read mode
Edited by Mourad at 2015-2-18 16:02

As we know Discuz default configurations allow anyone to access the admin page by directly accesing that url

So to prevent non-admin to direct access the admin page just open "admin.php" with a text editor and search for:" $discuz->init(); "

Newline, and just add the following code:

if(!$_G['uid'] || !getstatus($_G['member']['allowadmincp'], 1)) {
header('Location: /');

then save the file that all.

Now if non-admin try to access the admin page they will be redirected to the home page, and if you would redirect them to any other page (like a  external page or a fake admin page) just change the slash " / " by your link.

ps: if anyone know how to apply this toturial to the uc_server admin page :
don't hesitate to share that with us thanks.

This post contains more resources

You have to Login for download or view attachment(s). No Account? Register



Number of participants 1Rating +1 Collapse Reason
vot + 1 Usefull

View Rating Log

 United States

Post time: 2018-6-14 18:41
| Show all posts
I usually remove the /yoursite/admin.php and /yoursite/uc_server/admin.php files from my server and upload them only when I need to access.

Your tip for /yoursite/admin.php is also a great idea.

Thank you!

You have to log in before you can reply Login | Register

Points Rules

Archive|Mobile|Dark room|CodersClub  

2019-1-22 20:26 GMT+3 , Processed in 0.092190 sec., 12 queries .

Powered by Discuz! X3.4

Release 20170801, © 2001-2019 Comsenz Inc.

MultiLingual version, Rev. 710, © 2009-2019

Quick Reply To Top Return to the list