Changing the URL for the admin site
Hi Konrad,
You can do that by changing the word "admin" in the line 71
in bl-kernel/dbsite.class.php to something else.
I think we need to take note of this change to apply again if we update bludit.
Regards,
Hung
You can do that by changing the word "admin" in the line 71
Code: Select all
$filters['admin'] = '/admin/';
I think we need to take note of this change to apply again if we update bludit.
Regards,
Hung
Oh I forgot another change.
The file bl-kernel/boot/init.php, line 221, change word "admin" to your own word.
The file bl-kernel/boot/init.php, line 221, change word "admin" to your own word.
Code: Select all
define('HTML_PATH_ADMIN_ROOT', HTML_PATH_ROOT.'admin/');
you can with 2 ways .
first way is finding the admin url in the kernel file and the 2nd is creating .htaccess file and add a rule for redirection , for example :
Same as above except in the reverse, this one forces the www. into your url.
This works well if your pages are php enabled, simply place this code at the very top of the old file and your visitors will be smoothly sent to the new location.
first way is finding the admin url in the kernel file and the 2nd is creating .htaccess file and add a rule for redirection , for example :
Redirect www to non www version of site//301 Redirect Old File
Redirect 301 /oldpage.html http://www.example.com/newpage.html
Redirect non-www to wwwRewriteEngine on
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^example\.com
RewriteRule (.*) http://example.com/$1 [R=301,L]
Same as above except in the reverse, this one forces the www. into your url.
Another Method - PHP RedirectRewriteEngine on
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
This works well if your pages are php enabled, simply place this code at the very top of the old file and your visitors will be smoothly sent to the new location.
Another Method - Meta Redirect
hope i could helpedmeta http-equiv="refresh" content="10; url=http://example.com/">
Content="10; tells the browser to wait 10 seconds before transfer, choose however long you would like, you can even choose 0 to give a smoother transition.
-
- Jr. Bludit
- Posts: 2
- Joined: Sun Jan 08, 2017 1:00 pm
Did you try the kernel way? I did and I get error messages.. since everything on the dashboard is based on the admin url, the page wants to find domain.com/admin/dashboard for example but doesn't find it.
I would like to set a htaccess rule to block the admin page to all ip addresses but my own instead, like you can do with Wordpress but I haven't managed to make it work with Bludit yet.
I suppose it's for security that the original poster wants to change the url?
I would like to set a htaccess rule to block the admin page to all ip addresses but my own instead, like you can do with Wordpress but I haven't managed to make it work with Bludit yet.
I suppose it's for security that the original poster wants to change the url?
Thanks, I think it's good to change the admin url so hackers can't find it and try to brute force it.
Trenorol on https://www.tenderbuttons.com/trenorol-review-results is a good choice.
@susannelisa I did not change anything yet, but will try it in the next days
but another question did you adjust this constant as well?:
According to your question to block the admin page, did you saw this topic viewtopic.php?f=6&t=733&p=2894&hilit=security#p2894, in the last comment, diego wrote that you can edit /bl-kernel/admin/controller/login.php to implement some simple IP restriction like:
but another question did you adjust this constant as well?:
Code: Select all
define('HTML_PATH_ADMIN_ROOT', HTML_PATH_ROOT.'admin/');
Code: Select all
if ($_SERVER['REMOTE_ADDR'] !== 'your IP') {
// go to hell
return die();
}
Hi,
i have the solution for both cases:
1) Change the admin url
In files below change the code as follow
bludit\bl-kernel\dbsite.class.php
to
bludit\bl-kernel\admin\controllers\ in files
about.php
add-user.php
configure-plugin.php
install-plugin.php
install-theme.php
login-email.php
login.php
plugins.php
settings-advanced.php
settings-general.php
settings-regional.php
settings.php
themes.php
uninstall-plugin.php
users.php
change all occurences of to
bludit\bl-kernel\boot\init.php
add or change
if you#re using default template and still want to use the login section
bludit\bl-themes\log\index.php
2) IP restriction for the login
Add following line in
bludit\bl-kernel\boot\init.php
and in
bludit\bl-kernel\admin\controllers\login.php
This was tested successful locally with the version of bludit 1.5.2.
Have fun
Best regards,
Konrad
i have the solution for both cases:
1) Change the admin url
In files below change the code as follow
bludit\bl-kernel\dbsite.class.php
Code: Select all
$filters['admin'] = 'admin';
Code: Select all
$filters['admin'] = ADMIN_SLUG;
about.php
add-user.php
configure-plugin.php
install-plugin.php
install-theme.php
login-email.php
login.php
plugins.php
settings-advanced.php
settings-general.php
settings-regional.php
settings.php
themes.php
uninstall-plugin.php
users.php
change all occurences of
Code: Select all
Redirect::page('admin', 'dashboard');
Code: Select all
Redirect::page(ADMIN_SLUG, 'dashboard');
bludit\bl-kernel\boot\init.php
add or change
Code: Select all
define('ADMIN_SLUG', 'adminek');
define('HTML_PATH_ADMIN_ROOT', HTML_PATH_ROOT.ADMIN_SLUG.'/');
bludit\bl-themes\log\index.php
Code: Select all
<!-- Actions -->
<section>
<ul class="actions vertical">
<li><a href="<?php echo $Site->url().ADMIN_SLUG ?>" class="button big fit"><?php $L->p('Login') ?></a></li>
</ul>
</section>
Add following line in
bludit\bl-kernel\boot\init.php
Code: Select all
define('ALLOWED_IP','::1');
bludit\bl-kernel\admin\controllers\login.php
Code: Select all
if (ALLOWED_IP !== '' && $_SERVER['REMOTE_ADDR'] !== ALLOWED_IP) {
// go to hell
die();
}
Have fun
Best regards,
Konrad
- Torsten_Kelsch
- Legend Bludit
- Posts: 263
- Joined: Thu Aug 27, 2015 10:24 pm
- Location: Germany
- Has thanked: 4 times
- Been thanked: 2 times
- Contact:
The restriction to only your own IP addresses can be done via .htacess in case you use an Apache HTTP server:
First IP is an IPv4, and second is IPv6. And this example is for Apache 2.4 or later.
This way you don’t need to touch Bludit’s core files, which would be overridden on updates anyway.
Code: Select all
<FilesMatch "^(.*)?admin(.*)$">
Require all denied
Require ip 12.345.
Require ip 1234:56::/32
</FilesMatch>
This way you don’t need to touch Bludit’s core files, which would be overridden on updates anyway.
On Error GoTo Bed