admin interface location - changing for security

tameboy · 2007-05-31 08:45:56

I used another CMS recently (I know, I’m sorry) and there was a strong recommendation to change the /admin/ directory. Should I be changing the /textpattern/ directory to something harder to guess for security reasons.

I’ve searched the various textpattern resources and cannot find reference to this issue.

ruud · 2007-05-31 10:04:46

Making the directory harder to find, doesn’t really make it more secure.
As far as I know there aren’t any outstanding security issues that are related to anything in the textpattern directory.

redbot · 2007-05-31 10:36:43

here and here

tameboy · 2007-05-31 10:48:25

Thanks ruud.

The point made in the other CMS was that it would be very easy to find the sign in pages for the admin section in an /admin/ (or in our case /textpattern/ )directory. Once a hacker finds the sign in page they could set about cracking the password.

If you were to rename it something obscure (random alpha-numeric characters), you would at least make it a lot more difficult to find in the first place.

I am no security expert, but this seems to make sense to me. I just wondered whether it was worth going to the trouble of renaming the directory? Has anybody else done this?

tameboy · 2007-05-31 10:57:04

redbot wrote:

here and here

I knew it would in there somewhere, thanks for that! I understand the issues now, though I don’t think I feel any surer about whether or not to do it :)

Textpattern CMS

Textpattern CMS support forum

#1 2007-05-31 08:45:56

admin interface location - changing for security

#2 2007-05-31 10:04:46

Re: admin interface location - changing for security

#3 2007-05-31 10:36:43

Re: admin interface location - changing for security

#4 2007-05-31 10:48:25

Re: admin interface location - changing for security

#5 2007-05-31 10:57:04

Re: admin interface location - changing for security

Board footer