HowTo XF2.X.X Renaming Admin.php (1 Betrachter)

  • Ersteller des Themas
  • #1


Black-Market: 0 / 0 / 0
29 April 2020
3 %
Perhaps this problem has been asked by many of you on different forums about how to change the name of the admin.php file to hide the ACP login page so that there is no error. To do this, you follow the steps below:

Step 1: You can edit directly to the original file under the path /src/XF/App.php (avoid errors with some security addons like DragonByte Security), for simplicity you open the config file. Follow the src/config.php path and paste the following code at the bottom

$c['router.admin.formatter'] = $c->wrap(function($route, $queryString)
   $suffix = $route . (strlen($queryString) ? '&' . $queryString : '');
   return strlen($suffix) ? 'not_admin.php?' . $suffix : 'not_admin.php';
In there, you replace not_admin.php with any name, for example aiwbz.php

Step 2: Rename "admin.php" in ftp root directory to "aiwbz.php".

After completing this step, you can login to ACP under the path yourdomain/aiwbz.php, but when you enable/disable addons, update forum, run cron, ... will be error as shown


To fix this, you have 2 ways:
  • Method 1: Edit manually by replacing admin.php to aiwbz.php on the address bar after each error as shown above.
  • Method 2: Edit directly to the original file of Xenforo 2 to rename admin.php to aiwbz.php (I have successfully tested this way and no more errors)
Step 3: Create a virtual admin.php file to fool hackers.
- After completing step 2, the real admin.php file will be changed. You can create a virtual admin.php file with the content as shown in the attachment below

  • Details: 334 Bytes 0x


Black-Market: 0 / 0 / 0
4 April 2019
100 %
What kind of stuff will be shown if you open this new virtual Admin.php file ?

A screenshot might be nice, thx 4 sharing


Black-Market: 0 / 0 / 0
20 November 2011
14 %
A simpler way would be to just Rewrite aiwbz.php for example to admin.php, then in admin.php checking if the url was made using aiwbz.php and if not just redirect or blank the page. This way you dont have to rewrite admin.php to aiwbz.php on everything, and keep it nice and clean

Dieses Thema betrachten gerade (Benutzer: 0, Gäste: 1)