This article will take Joomla! backend link as an example to explain how to "modify" our backend link to make it more secure.
Principle: Register a session for the background entrance through a specific file, otherwise it will fail and exit. That is, you will not be able to log in to the backend if you directly use the original backend address. In this way, the diversity and changeability of the entry file name will provide a more secure environment for your background login.
1. Entry file: myadmin.php (the file name can be changed at any time)
Function: Register session. The source code is as follows:
Copy code The code is as follows:
session_name( "Zjmainstay" ); //session name can be changed, please note that it corresponds to
session_start();
$_SESSION['admin_user'] = "Y"; //session variable name can be changed, please note that it corresponds to
session_write_close();
?>
[html]
2. Modify the background entry file: /administrator/index.php (can be the beginning of the entry file of any CMS)
Function: Use session to control entry. The source code is as follows:
[code]
define('_JEXEC', 1); //Original file Line 9
define('DS', DIRECTORY_SEPARATOR); //Original file Line 10
// Add
session_name( "Zjmainstay" );
session_start();
$ok_to_browse = ( $_SESSION['admin_user'] == "Y" );
if ( !$ok_to_browse ) {
header("Content-type: text/html; charset=utf-8");
exit('Illegal access is denied!');
}else{
$ _SESSION['admin_user'] = "Y"; //Continue the use of session
session_write_close();
}
// Add End
Login example: http:// /www.youdomain.com/myadmin.php
After pressing Enter, it will automatically jump to: http://www.youdomain.com/administrator/ (original backend login address)
And Directly entering: http://www.youdomain.com/administrator/ will prompt 'Illegal access denied' and exit.
Author: Zjmainstay
Source: http://www.cnblogs.com/Zjmainstay/
http://www.bkjia.com/PHPjc/325927.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/325927.htmlTechArticleThis article will use Joomla! background link as an example to explain how to "modify" our background link to make it more secure . Principle: Register a session for the backend entrance through a specific file, otherwise it will exit if it fails...