| |
| | |

CodersClub

 Forgot password?
 Register
Search
View: 5415|Reply: 2
Collapse the left

Modify admin.php to prevent direct malicious access

[Copy link]
Post time: 2019-03-30 08:10
| Show all posts |Read mode
Open the admin.php file
find
  1. $discuz->init();
Copy the Code

Add the code below:
  1. if(!$_G['uid'] || !getstatus($_G['member']['allowadmincp'], 1)) {
  2.         header('Location: '.$_G['siteurl']);
  3. }
Copy the Code
After modification, those who do not have access to the back end, access to admin.php will automatically jump to the home page of the website, if the administrator wants to log in the back end, must first login in the front end, and then click the link to enter the back end!

 Russia

Post time: 2019-03-31 17:46
| Show all posts
This hack was already published here 4 years before:
Post time: 2015-02-18 18:03

How to block non-admin direct access to admin.php page
Post time: 2019-05-17 04:46
| Show all posts
Very useful. Will try this solution. These malicious access is very annoying.
You have to log in before you can reply Login | Register

Points Rules

Archive|Mobile|Dark room|CodersClub

Top.Mail.Ru
Top.Mail.Ru

2024-11-24 13:20 GMT+3 , Processed in 0.039889 sec., 8 queries .

Powered by Discuz! X3.4 Release 20230520

© 2001-2024 Discuz! Team.

MultiLingual version, Rev. 4301, © codersclub.org

Quick Reply To Top Return to the list