Make it an option to change the WP-amin folder in an easy way.

  • Dr_Ernst

    (@dr_ernst)


    13 years, 2 months ago

    Make it an option to change the WP-amin folder in an easy way, this is mainly to confuse hackers and robots ofc.. It won’t be fool-proof but it will help! This will atleast fool som people who are developing spiders who aim for hacking wordpress sites.. It’s hard to hack a site if you don’t know where the login section is..

    For all you guys trying to do so by yourself here is a tutorial.. Do I tdon’t think the update will go so smoothly afterwards and I have messed up the admin sections css by following it. This wouldn’t have been so bad if it wheren’t like this that they use sprites for the pictures used in the buttons in the admin section.. I think I will hard code it in.. but that’s not a good solution.. SO if someone could make this workd dynamically it would be great!

Viewing 8 replies - 1 through 8 (of 8 total)
  • Thread Starter Dr_Ernst

    (@dr_ernst)

    13 years, 2 months ago

    Forgot to add an link:

    Link to the tutorial how to change wp-admin bolder (The css will be messed up though in the admin section)

    Thread Starter Dr_Ernst

    (@dr_ernst)

    13 years, 2 months ago

    *bolder=folder

    And I saw that this solution isn’t so good cause when surfing to wp-admin you are redirected to wp-login.php so You have to rename that file also.. But I think with grepwin you can change all the instanced where that filename occur also.. I’ll try it..

    So TO DO for the developer community A WAY TO EASILY CHANGE THE WP-ADMIN FOLDER AND THE WP-LOGIN.PHP DYNAMICALLY.

    Thread Starter Dr_Ernst

    (@dr_ernst)

    13 years, 2 months ago

    with dynamically I mean that it will remain changed even after updating wordpress..

    Thread Starter Dr_Ernst

    (@dr_ernst)

    13 years, 2 months ago

    so far so good when I changed all the occurences of wp-login.php to some custom name I chosed.. Ofc there can bee bugs in the future so that ‘s why the community of developers really should make it possible to change these 2 things in the confiq file: WP-LOGIN.PHP and wp-admin folder name.. and possibly more security holes I don’t know about. WordPress is getting hacked to mutch, I only have installed ca 7 public installations of wordpress! And still 1 of them got hacked. My friend has also installed circa that amount of installations he got all of them hacked. SO THIS IS CRITICAL FOR THE FUTURE OF WORDPRESS. Spiders shouldn’t find the admin log-in section so easily..

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Advisor and Activist

    13 years, 2 months ago

    It’s not critical. In fact, we’ve already gone over that.

    What you’re proposing is called Security Through Obscurity and generally it doesn’t help as much as you’d think it would.

    Far better is to secure your wp-admin folder – http://codex.wordpress.org/Hardening_WordPress#Securing_wp-admin

    Thread Starter Dr_Ernst

    (@dr_ernst)

    13 years, 2 months ago

    Question:
    Is htpasswd safe enough to protect wp-admin?
    And do htpasswd work well with WordPress perhaps it will limit the possability for some of the wordpress files to access the files contained in the wp-admin folder also?

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Advisor and Activist

    13 years, 2 months ago

    Is htpasswd safe enough to protect wp-admin?

    Yes.

    And do htpasswd work well with WordPress perhaps it will limit the possability for some of the wordpress files to access the files contained in the wp-admin folder also?

    It has the possibility to cause problems with that.

    Andrew Nacin

    (@nacin)

    13 years, 2 months ago

    Yeah, changing wp-admin is one thing, but doing it for security purposes is just plain wrong. You’d be better to restrict by IP, HTTP authentication, SSL, and other tweaks.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Make it an option to change the WP-amin folder in an easy way.’ is closed to new replies.