Jump to:

4935 Posts in 16178 Topics by 1488 members

Installing SilverStripe

SilverStripe Forums » Installing SilverStripe » how to changing admin CP path?

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 3956 Views
  • Mikan
    Avatar
    Community Member
    17 Posts

    how to changing admin CP path? Link to this post

    hello,

    I have been used silverstripe for months,

    Currently, my all sites admin path as below:

    www.mysite.com/admin

    This path is not safe, I want change my Admin CP myselft.

    www.mysite.com/myself

    Can You tell me How to change This ?

    Thanks

  • Invader_Zim
    Avatar
    Community Member
    141 Posts

    Re: how to changing admin CP path? Link to this post

    Hi.

    I don't have a solution, I think it's hardcoded in Sapphire that the administration of the cms maps to an url like http://yoursite/admin/ .
    So i think you will have to do a lot of "core-hacking" to do this with SilverStripe.

    As an example here is a snippet from sapphire/core/control/ContentController.php , line 226:

    $cmsLink = 'admin/show/' . $this->dataRecord->ID;

    Cheers,
    Christian

  • apiening
    Avatar
    Community Member
    55 Posts

    Re: how to changing admin CP path? Link to this post

    hi mikan,

    you might want to try Director::addRules() to map "myself" to "admin". to prevent access to "admin" try adding a rule to your .htaccess.

    but imo that gives you a false sense of security. the hacker that is smart enough to hack your password protection is surely smart enough to find your custom login form. silverstripe is very secure. if you have serious concerns, post a description of the exploit to security@silverstripe.org.

    cheers

    undy

  • ttyl
    Avatar
    Community Member
    114 Posts

    Re: how to changing admin CP path? Link to this post

    yes, but this presumes an attacker is trying to attack your specific site rather than some script kiddie hitting random '/admin' pages and trying common passwords. although 'security by obscurity' is supposed to provide a false sense of security it is a good deterrent against being hit by a script kiddie. best to remove the low-hanging fruit. by looking at the logs of any site you'll see '/admin' and 'phpmysql' being hit constantly.

    with that said, I'm also looking to change my admin URL myself (hence finding this thread), does anybody have a functioning example of this? I don't see how an htaccess redirect wouldn't interfere with anything established by director:addrules - but I'm also not very familiar with director...

    thanks.

  • brokemeister
    Avatar
    Community Member
    30 Posts

    Re: how to changing admin CP path? Link to this post

    Hi!

    You could create a subdomain and get access via e.g. mysubdomain.domain.com/admin/. Additional you could protect the subdomain with a .htaccess password.
    Afterwards you can redirect www.domain.com/admin/ to www.domain.com with modrewrite....

    Cheers,

    Malte

    3956 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.