Captcha in the admin login

paypal1352

Just change the admin folder name and path in the config file and strip all info from the page itself that it's an admin login, and if somehow someone finds it they wouldn't know what the login is for.

I don't know if this would work, couldn't you just delete the admin folder and upload it only when you need it, then delete it again when you're done? I don't think it's needed for the script to run.
 

enricodias4654

paypal1352 said:
Just change the admin folder name and path in the config file and strip all info from the page itself that it's an admin login, and if somehow someone finds it they wouldn't know what the login is for.

I don't know if this would work, couldn't you just delete the admin folder and upload it only when you need it, then delete it again when you're done? I don't think it's needed for the script to run.

You can't delete the admin folder, cron tasks are inside it. Renaming it will just make the attacker take a little longer to figure out the new name. The attacker will assume that a strange login screen is the admin.

As I have fixed IPs at my company, I restricted the access using .htaccess, but for the people that can't do this, captcha is the best option.
 

sukhman21

For my website, I have my admin folder name changed to something random and updated in the config file as mentioned by paypal1352. Just out of curiosity, how would attackers still be able to get my admin login page URL?
Personally I haven't seen any attacks on my admin page so far.
 

enricodias4654

sukhman21 said:
For my website, I have my admin folder name changed to something random and updated in the config file as mentioned by paypal1352. Just out of curiosity, how would attackers still be able to get my admin login page URL?
Personally I haven't seen any attacks on my admin page so far.

They can guess it, use brute force or dictionary attacks, etc.

A few months ago I managed to download a .DS_Store file from a website that was hiding the admin folder, and with this file I managed to get the file structure of the website and find the admin URL. This is just a silly example.
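
A defender-side check for the two points raised in this thread, added here as an example and not code from any poster or from YetiShare: it flags files such as .DS_Store left in the web root and reports whether the admin folder's .htaccess carries an IP allow-list. The function names, the paths passed in, and the file names beyond .DS_Store are assumptions.

```shell
#!/bin/sh
# Added example: audit a web document root for leaked metadata files and
# check that the admin folder is IP-restricted. All paths are placeholders.

# List files that reveal directory structure if the web server serves them.
# .DS_Store is the case from the thread; the other names are a generalization.
find_leaky_files() {
    find "$1" \( -name '.DS_Store' -o -name 'Thumbs.db' \
        -o -name '.git' -o -name '.svn' \) -print | sort
}

# Return 0 if <admin dir>/.htaccess contains an IP allow-list
# (Apache 2.4 "Require ip ..." or Apache 2.2 "Allow from <address>").
# "Allow from all" and "Require all granted" do not count.
admin_is_ip_restricted() {
    ht="$1/.htaccess"
    [ -f "$ht" ] || return 1
    grep -Eiq '^[[:space:]]*(Require[[:space:]]+ip|Allow[[:space:]]+from)[[:space:]]+[0-9a-fA-F]*[0-9:.]' "$ht"
}

# Print findings; the return status is the number of problems (0 = clean).
audit_webroot() {
    root="$1"; admin="$2"; problems=0
    leaks=$(find_leaky_files "$root")
    if [ -n "$leaks" ]; then
        echo "Remove before publishing:"
        echo "$leaks"
        problems=$((problems + 1))
    fi
    if ! admin_is_ip_restricted "$admin"; then
        echo "No IP allow-list found in $admin/.htaccess"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Usage: sh audit.sh /path/to/webroot /path/to/webroot/renamed-admin
if [ "$#" -eq 2 ]; then
    audit_webroot "$1" "$2"
fi
```

The .htaccess check only confirms that an allow-list directive is present; it does not verify that the listed addresses are the right ones or that the server honours .htaccess overrides.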