×

Welcome to TagMyCode

Please login or create account to add a snippet.
 

secure-your-magento-admin

0
0
 
0
Language: PHP
Posted by: bejoy balan
Added: Nov 16, 2015 7:01 AM
Views: 1917
Tags: admin magento secure
  1. Changing the URL for your Magento admin isn't really a way to protect your store; security through obscurity isn't security at all. Fortunately, there is a nice simple modification that you can make to your .htaccess file to protect certain URLs from prying eyes.
  2. For a single-store view Magento installation
  3.  
  4. ############################################
  5. ## Secure admin
  6.  
  7. RewriteCond %{REQUEST_URI} ^/(index.php/)?admin/ [NC,OR]
  8. RewriteCond %{REQUEST_URI} ^/downloader/ [NC]
  9. RewriteCond %{REMOTE_ADDR} !^my.ip.add.ress
  10. RewriteRule ^(.*)$ http://%{HTTP_HOST}/ [R=302,L]
  11. For a Store View in a Subdirectory
  12.  
  13. If you have Magento installed in a subdirectory, or a store view as a virtual subdirectory of the main domain name, Eg. https://www.sonassi.com/shop/ Eg. https://www.sonassi.com/en/ Eg. https://www.sonassi.com/fr/
  14. ############################################
  15. ## Secure admin
  16.  
  17. RewriteCond %{REQUEST_URI} ^/(downloader|shop/|en|fr/)?(index.php/)?admin/ [NC,OR]
  18. RewriteCond %{REQUEST_URI} ^/downloader/ [NC]
  19. RewriteCond %{REMOTE_ADDR} !^my.ip.add.ress
  20. RewriteRule ^(.*)$ http://%{HTTP_HOST}/ [R=302,L]
  21.  

Write a comment

To post comments, please log in or register.