Modify admin login path #727

Closed
oleteacher opened this issue Apr 24, 2024 · 3 comments

Comments

@oleteacher

Due to so many hits on the internet-facing install of HTMLY admin login, the school IT department has shut off our installs of HTMLY.

I am told that if I cannot come up with a solution to change the path to login and admin, we will have to find another platform. This is of course not something any of us want; we love HTMLY :)

My question: how can I modify the /login and /admin paths? Need to be able to use random words in place of login / admin.

Looked at .htaccess and see no reference to login / admin.

Please give me some ideas so we can start using HTMLY again.

@danpros
Owner

danpros commented Apr 24, 2024

Hello,

To modify the /login and /admin paths, it needs quite a lot of changes.

htmly uses bcrypt as the hash algorithm (default as of PHP 5.5.0). With a good password, at least 8 characters and containing upper, lower, number and symbols, it needs 286 years to crack it (info).

To prevent brute force, you can enable the Google reCaptcha (link).

Good luck! 😃

@oleteacher
Author

Thank you for the input Dan.

The issue is not the security of the script. The issue is: one school campus has 10+ teachers, each with an internet-facing blog to keep parents updated. This is just one campus. Multiply that by 20+ campuses. 200+ installs of HTMLY, with all of them using admin/ and/or login/. The amount of rogue traffic is staggering, hits that just keep coming hour after hour, 24/7.

The IT department will just not allow such.

Anyway, thanks for the reply.

@vdbhb59
Contributor

vdbhb59 commented May 20, 2024

> Thank you for the input Dan.
>
> The issue is not the security of the script. The issue is: one school campus has 10+ teachers, each with an internet-facing blog to keep parents updated. This is just one campus. Multiply that by 20+ campuses. 200+ installs of HTMLY, with all of them using admin/ and/or login/. The amount of rogue traffic is staggering, hits that just keep coming hour after hour, 24/7.
>
> The IT department will just not allow such.
>
> Anyway, thanks for the reply.

Teachers can stay logged in or use another IP for login and then switch to campus wifi. However, that is a temporary solution, up until your issue is resolved. Another way is to add each one as a user to one installation itself. Grant them admin rights and that should minimize hopefully.
