Threaded Mode | Linear Mode

Tm0 · 09-29-2009, 02:19 PM

Read the thread next time. If your running a hacking forum you should know this. http://community.mybboard.net/thread-44977.html

matt525 · 09-30-2009, 08:07 AM

I always rename admin directory to like admin123 or something else which works fine for me in forums case and any other CMS which do not use paths for admin or include files from root folder to work

Mental · 09-30-2009, 07:18 PM

I'd use it if I knew how..

*Googles**

Tm0 · 10-01-2009, 01:50 PM

(09-29-2009 02:19 PM)Tm0 Wrote: Read the thread next time. If your running a hacking forum you should know this. http://community.mybboard.net/thread-44977.html

(09-30-2009 07:18 PM)Mental Wrote: I'd use it if I knew how..

*Googles**

....

Detective RooTz · 01-13-2010, 05:39 PM

(02-14-2009 10:00 PM)Labrocca Wrote: I know most websites use an admincp that has authentication but how many people double up on that authentication with htaccess as well?

I think it's very important because if your site is sql injected and a persona can elevate their own privileges to admin then they usually head straight for admincp. A good way to avoid this is to htaccess protect your admincp which can thwart a hacker and end the penetration level.

Yeah, I heard you can do that. I tried but what happens if you have a forum with say 12 staff members as admin say blah blah blah total of say 100(Just saying incase your forum is freaking huge) and you have to put all those ip's into the .htaccess or you can use a range but how do you know a non staff member isn't in that range then you will have problems incase they do hack it. So, can't really rely on that to much but I do also suggest if you do use this use a Fake admincp to rename your "/Admin/" folder and use the fake login