HOW TO secure my Administration Panel?

Talk and info about common issues and learn how to do almost anything with ApPHP AdminPanel

Moderator: alexandrleonenko

Site Admin
Site Admin
Posts: 6081
Joined: Jan 7th, '09, 23:18

HOW TO secure my Administration Panel?

Postby administrator » Jul 24th, '09, 11:07

To make your Administration Panel to be more secure you can perform next steps:

1. Turn off directory browsing.
1.1 [Not recommended] Add in each directory empty default file (generally index.html)
1.2. By
Using .htacces
Open your .htacces file, look for Options Indexes. If Options Indexes exists modify it to Options -Indexes or else add
Options -Indexes as a new line. The directory browsing feature should be disable by now.

Using httpd.conf
Open your httpd.conf, normally it’s located at /usr/local/apache/conf or /etc/httpd.conf. Go to your own Virtual Host settings
and look for "Options Indexes". Change the Indexes to -Indexes if Option Indexes exists or else add the Options -Indexes line
Restart your apache web server.

CPanel Share Hosting
Login to your CPanel. Click on Index Manager. Directory will be list down. Click on the directory name which you want to disable the directory browsing
Select No Index and click Save.

2. Add HTTP Authentication to Admin area.
2.1 By

Using Basic authentication

Code: Select all


$username = null;
$password = null;

// mod_php
if (isset($_SERVER['PHP_AUTH_USER'])) {
    $username = $_SERVER['PHP_AUTH_USER'];
    $password = $_SERVER['PHP_AUTH_PW'];
// most other servers
} elseif (isset($_SERVER['HTTP_AUTHENTICATION'])) {
        if (strpos(strtolower($_SERVER['HTTP_AUTHENTICATION']),'basic')===0) 
          list($username,$password) = explode(':',base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));

if (is_null($username)) {
    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Text to send if user hits Cancel button';
} else {
    echo "<p>Hello {$username}.</p>";
    echo "<p>You entered {$password} as your password.</p>";


Read more here...

Using CPanel Share Hosting

Return to “ApPHP AdminPanel {HOW TO}”