Page 1 of 1
Changing the URL for the admin site
Posted: Fri Dec 30, 2016 12:31 pm
by kondor
Hi all,
Is there any way to change the admin url to some different slug?
I want to use something like mysite/my_new_admin_url instead of using mysite/admin.
Thanks,
Konrad
Re: Changing the URL for the admin site
Posted: Thu Jan 19, 2017 11:37 am
by hungtran
Hi Konrad,
You can do that by changing the word "admin" in the line 71
in bl-kernel/dbsite.class.php to something else.
I think we need to take note of this change to apply again if we update bludit.
Regards,
Hung
Re: Changing the URL for the admin site
Posted: Thu Jan 19, 2017 11:41 am
by hungtran
Oh I forgot another change.
The file bl-kernel/boot/init.php, line 221, change word "admin" to your own word.
Code: Select all
define('HTML_PATH_ADMIN_ROOT', HTML_PATH_ROOT.'admin/');
Re: Changing the URL for the admin site
Posted: Tue Jan 24, 2017 12:29 pm
by amr
you can with 2 ways .
first way is finding the admin url in the kernel file and the 2nd is creating .htaccess file and add a rule for redirection , for example :
Redirect www to non www version of site
RewriteEngine on
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^example\.com
RewriteRule (.*)
http://example.com/$1 [R=301,L]
Redirect non-www to www
Same as above except in the reverse, this one forces the www. into your url.
Another Method - PHP Redirect
This works well if your pages are php enabled, simply place this code at the very top of the old file and your visitors will be smoothly sent to the new location.
Another Method - Meta Redirect
meta http-equiv="refresh" content="10; url=
http://example.com/">
Content="10; tells the browser to wait 10 seconds before transfer, choose however long you would like, you can even choose 0 to give a smoother transition.
hope i could helped
Re: Changing the URL for the admin site
Posted: Sat Jan 28, 2017 6:25 pm
by kondor
Thanks @hungtran and @amr,
changing it directly in the kernel is the best option in my case, redirection via .htaccess file is not the preferable way in hiding the admin url.
Best regards,
Konrad
Re: Changing the URL for the admin site
Posted: Wed Feb 01, 2017 11:29 am
by susannelisa
Did you try the kernel way? I did and I get error messages.. since everything on the dashboard is based on the admin url, the page wants to find domain.com/admin/dashboard for example but doesn't find it.
I would like to set a htaccess rule to block the admin page to all ip addresses but my own instead, like you can do with Wordpress but I haven't managed to make it work with Bludit yet.
I suppose it's for security that the original poster wants to change the url?
Re: Changing the URL for the admin site
Posted: Sat Feb 11, 2017 7:14 am
by MurphLee
Thanks, I think it's good to change the admin url so hackers can't find it and try to brute force it.
Re: Changing the URL for the admin site
Posted: Tue Feb 14, 2017 8:53 am
by kondor
@susannelisa I did not change anything yet, but will try it in the next days
but another question did you adjust this constant as well?:
Code: Select all
define('HTML_PATH_ADMIN_ROOT', HTML_PATH_ROOT.'admin/');
According to your question to block the admin page, did you saw this topic
viewtopic.php?f=6&t=733&p=2894&hilit=security#p2894, in the last comment, diego wrote that you can edit /bl-kernel/admin/controller/login.php to implement some simple IP restriction like:
Code: Select all
if ($_SERVER['REMOTE_ADDR'] !== 'your IP') {
// go to hell
return die();
}
Re: Changing the URL for the admin site
Posted: Wed Feb 15, 2017 9:08 pm
by kondor
Hi,
i have the solution for both cases:
1) Change the admin url
In files below change the code as follow
bludit\bl-kernel\dbsite.class.php
to
bludit\bl-kernel\admin\controllers\ in files
about.php
add-user.php
configure-plugin.php
install-plugin.php
install-theme.php
login-email.php
login.php
plugins.php
settings-advanced.php
settings-general.php
settings-regional.php
settings.php
themes.php
uninstall-plugin.php
users.php
change all occurences of
Code: Select all
Redirect::page('admin', 'dashboard');
to
Code: Select all
Redirect::page(ADMIN_SLUG, 'dashboard');
bludit\bl-kernel\boot\init.php
add or change
Code: Select all
define('ADMIN_SLUG', 'adminek');
define('HTML_PATH_ADMIN_ROOT', HTML_PATH_ROOT.ADMIN_SLUG.'/');
if you#re using default template and still want to use the login section
bludit\bl-themes\log\index.php
Code: Select all
<!-- Actions -->
<section>
<ul class="actions vertical">
<li><a href="<?php echo $Site->url().ADMIN_SLUG ?>" class="button big fit"><?php $L->p('Login') ?></a></li>
</ul>
</section>
2) IP restriction for the login
Add following line in
bludit\bl-kernel\boot\init.php
and in
bludit\bl-kernel\admin\controllers\login.php
Code: Select all
if (ALLOWED_IP !== '' && $_SERVER['REMOTE_ADDR'] !== ALLOWED_IP) {
// go to hell
die();
}
This was tested successful locally with the version of bludit 1.5.2.
Have fun
Best regards,
Konrad
Re: Changing the URL for the admin site
Posted: Tue Mar 28, 2017 7:22 pm
by Torsten_Kelsch
The restriction to only your own IP addresses can be done via .htacess in case you use an Apache HTTP server:
Code: Select all
<FilesMatch "^(.*)?admin(.*)$">
Require all denied
Require ip 12.345.
Require ip 1234:56::/32
</FilesMatch>
First IP is an IPv4, and second is IPv6. And this example is for Apache 2.4 or later.
This way you don’t need to touch Bludit’s core files, which would be overridden on updates anyway.