HowTo XF2.X.X Renaming Admin.php (1 Betrachter)

  • Ersteller des Themas
  • #1

thahtrung06

Registriert
Black-Market: 0 / 0 / 0
29 April 2020
12
3 %
Perhaps this problem has been asked by many of you on different forums about how to change the name of the admin.php file to hide the ACP login page so that there is no error. To do this, you follow the steps below:

Step 1: You can edit directly to the original file under the path /src/XF/App.php (avoid errors with some security addons like DragonByte Security), for simplicity you open the config file. Follow the src/config.php path and paste the following code at the bottom

Code:
$c['router.admin.formatter'] = $c->wrap(function($route, $queryString)
{
   $suffix = $route . (strlen($queryString) ? '&' . $queryString : '');
   return strlen($suffix) ? 'not_admin.php?' . $suffix : 'not_admin.php';
});
In there, you replace not_admin.php with any name, for example aiwbz.php

Step 2: Rename "admin.php" in ftp root directory to "aiwbz.php".

After completing this step, you can login to ACP under the path yourdomain/aiwbz.php, but when you enable/disable addons, update forum, run cron, ... will be error as shown

18052

To fix this, you have 2 ways:
  • Method 1: Edit manually by replacing admin.php to aiwbz.php on the address bar after each error as shown above.
  • Method 2: Edit directly to the original file of Xenforo 2 to rename admin.php to aiwbz.php (I have successfully tested this way and no more errors)
Step 3: Create a virtual admin.php file to fool hackers.
- After completing step 2, the real admin.php file will be changed. You can create a virtual admin.php file with the content as shown in the attachment below
 


  • Details: 334 Bytes 0x

Skull³

Community-Team
Teamleitung
Black-Market: 0 / 0 / 0
4 April 2019
7.311
100 %
What kind of stuff will be shown if you open this new virtual Admin.php file ?

A screenshot might be nice, thx 4 sharing
 

GooMan

Forum-Mitglied
Black-Market: 0 / 0 / 0
20 November 2011
116
14 %
A simpler way would be to just Rewrite aiwbz.php for example to admin.php, then in admin.php checking if the url was made using aiwbz.php and if not just redirect or blank the page. This way you dont have to rewrite admin.php to aiwbz.php on everything, and keep it nice and clean
 

Dieses Thema betrachten gerade (Benutzer: 0, Gäste: 1)