Morning guys!
Can anyone help with best practice to secure an /portal/admin
directory? A link to documentation will do just fine.
Our website has and /admin directory which don’t want to be accessible
via www.domain.com/portal/admin. Instead, we want hackoff.domain.com
to point to /portal/admin directory. If we could add authentication to
hackoff.domain.com would be great too.
The point is some files on www.domain.com/* include (php include)
files on /portal/admin, so this has to work internally.
I searched the wiki and this website Nginx Secure SSL Web Server @ Calomel.org
(which is great too) but I couldn’t figure out a way to do this.
Any ideas are very welcomed.
Cheers!
On 09/04/2010 03:47, Leonardo C. wrote:
Morning guys!
Can anyone help with best practice to secure an /portal/admin
directory? A link to documentation will do just fine.
Our website has and /admin directory which don’t want to be accessible
via www.domain.com/portal/admin. Instead, we want hackoff.domain.com
to point to /portal/admin directory. If we could add authentication to
hackoff.domain.com would be great too.
I’m not sure it’s a “great security”. There is a lot of spywares in
browsers (the Google Toolbar for example) which will inform about the
used address.
The point is some files on www.domain.com/* include (php include)
files on /portal/admin, so this has to work internally.
Outch. I hope your “php includes” doesn’t use HTTP to load files…
I’m not sure it’s a “great security”. There is a lot of spywares in browsers
(the Google Toolbar for example) which will inform about the used address.
That’s true… would you recommend just having authentication on that
location instead?
Outch. I hope your “php includes” doesn’t use HTTP to load files…
It doesn’t, they’re all include(); directives.
Cheers Oliver!
Leo