Please select To the mobile version | Continue to access the desktop computer version
| |
| | |


 Forgot password?
View: 9869|Reply: 1
Collapse the left

How to block non-admin direct access to admin.php page

  [Copy link]


Post time: 2015-02-18 18:03
| Show all posts |Read mode
Edited by Mourad at 2015-2-18 16:02

As we know Discuz default configurations allow anyone to access the admin page by directly accesing that url

So to prevent non-admin to direct access the admin page just open "admin.php" with a text editor and search for:" $discuz->init(); "

Newline, and just add the following code:

if(!$_G['uid'] || !getstatus($_G['member']['allowadmincp'], 1)) {
header('Location: /');

then save the file that all.

Now if non-admin try to access the admin page they will be redirected to the home page, and if you would redirect them to any other page (like a  external page or a fake admin page) just change the slash " / " by your link.

ps: if anyone know how to apply this toturial to the uc_server admin page :
don't hesitate to share that with us thanks.

This post contains more resources

You have to Login for download or view attachment(s). No Account? Register



Number of participants 1Rating +1 Collapse Reason
vot + 1 Usefull

View Rating Log

 United States

Post time: 2018-06-14 18:41
| Show all posts
I usually remove the /yoursite/admin.php and /yoursite/uc_server/admin.php files from my server and upload them only when I need to access.

Your tip for /yoursite/admin.php is also a great idea.

Thank you!

You have to log in before you can reply Login | Register

Points Rules

Archive|Mobile|Dark room|CodersClub


2024-05-27 12:33 GMT+3 , Processed in 0.029198 sec., 9 queries .

Powered by Discuz! X3.4 Release 20230520

© 2001-2024 Discuz! Team.

MultiLingual version, Rev. 4301, ©

Quick Reply To Top Return to the list