Protecting Your Site Using .htaccess



Posted: Saturday, May 21, 2005

by
American Nuke Net

Its about time someone said something about the following and give some of you another way to protect your site. Although this does not help much if you don't have a static IP or are not running your server on a unix machine with apache, for those that do, it is a major protection for your site. Personally, I am not satisfied with Protector or other security programs as yet, they still need alot of work to iron out the bugs, but kudos to those working on them - the community needs them badly.

For instance I was banned at nukecops (and the banned took over a month to be lifted) for using quotes when I did a search, this is a standard across all search engines, but used with at least one of these products, - you will get banned - although In future releases this will be fixed I'm told, it does not save your users. Many have already been banned - most permanently, for things that really did not hurt... and then they cannot contact you to explain themselves, they will not be back. Heaven knows how many users have lost access and privledges when they were not hacking, just using the system.

So now for the htaccess to protect your admin panel: Your .htaccess can be used in many ways to help your site. For more information look here and do a search for htaccess tutorial: http://www.freewebmasterhelp.com/tutorials/htaccess/

After making htaccess Simple effective protection, in notepad type in the following:

< Files admin.php >
Order deny, allow
Deny from all
Allow from your.ip.addygoes.here
< /files >

Now save this as .htaccess and upload to your server. If you have other site admins, there addy will need to go there as well :

Allow from your.ip.addygoes.here
Allow from their.ip.goes.here

You can add several each on its own line. This may not provide 100% protection but then again nothing out there will, but it will protect your system from others getting into your admin panel, unless they use your computer of course.

If your ip does change, ftp to your site, open .htaccess, change the ip number and upload it, you will have access again. You can use this to protect your pic files, part or all of your subdirectories and many other useful things, and this will work to stop robots from interring areas that they ignore in robots.txt. Hope this helps many of you, it has saved my sites many times.

Protecting your site using .htaccess

by Tag Craig http://am-nuke.net

 

This Article has been viewed 861 times. (Not updated in real-time.)
Top-level comments on this article: (1 total)
» left by Devender Verma
 2 years 125 days ago.
3 fans.
Great article Tag. I recommend this to all my clients that use a content management system such as WordPress or Joomla. It's the most secure way of protecting your admin account.
We want your comments! If you can read this, you don't have javascript enabled, so you can't use this comment system. Please enable javascript.