Announcement

Collapse
No announcement yet.

Trying to Protect Vbulletin

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • donald1234
    replied
    You should put a .htaccess file inside your includes folder ie the same place as your config.php with a deny all order.

    order deny,allow
    deny from all

    Do the same for packages and vb. As for admincp and modcp you can't deny all as you and your mods need in so if you have a fixed ip address put this in.

    order deny,allow
    deny from all
    # alow the admin
    allow from xx.xx.xx.xx (your ip)

    If you do not have a fixed ip address then that won't work and you will need to use a password as described above, this is second best.

    Ps. the above saved me from this hack nightmare ie a rouge admin registered but he could not access my admincp because it was protected with the above .htaccess file.
    Last edited by donald1234; Tue 1st Oct '13, 3:52am.

    Leave a comment:


  • hurricane_sh
    replied
    .htpasswd can be put in any folders that can be read by Apache. I usually place outside of www directory. e.g.

    Your www looks like: /home/yourdomain/www
    You can place it in /home/yourdomain/password/

    Leave a comment:


  • Maksi
    started a topic Trying to Protect Vbulletin

    Trying to Protect Vbulletin

    With so many people getting hacked I am trying to protect my sites as much as possible.

    I renamed my Admincp and Modcp directories and then made the following changes to includes/config.php by following the following steps:
    http://www.vbulletin.com/forum/forum...me?view=stream

    So now I want to hide my admincp and modcp behind .htaccess and .htpasswd. I would like to know what folder to put .htpasswd in? I am following these steps located here: www.vbulletin.org/forum/showthread.php?t=232303

Related Topics

Collapse

Working...
X