Dolphin administration access hidden

does somebody know,

how one

Dolphin administration access hidden.

You can change the name of the directory on the server and then make the changes in the /inc/header.inc.php file to reflect this change.  Never done it.  One thing you can do is to move the admin member from member 1 since when Dolphin is installed, member 1 is the default admin.  If I was going to try and hit a Dolphin site, I would run a script to hammer member 1.  Of course using a real password that is long and complex is effective at keeping out hackers.  I am surprised at the number of people who still uses weak passwords such as the name of their dog or cat.  I have also noticed a lot of password generators create rather weak passwords as well.

I use this

Hide your Dolphin Admin backend:

First create a directory with fantasy names like yx4586 in the root dolphin

Then create index.php in the yx4586 directory

Then copy this code into the index.php.

<?php

    // Cookie name + value to be tested in the htaccess

    // Can be customized

    $cookiename = 'accesscookie';

    $cookievalue = 'accessallowed';

    setcookie($cookiename, $cookievalue, 0, '/');

    // Set the schema if not given by the server (http(s))

    if (!isset($_SERVER['REQUEST_SCHEME']))

    {

        $_SERVER['REQUEST_SCHEME'] = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 'https' : 'https';

    }

    // http(s)://

    $url = $_SERVER['REQUEST_SCHEME'] . '://';

    // Domain

    $url .= $_SERVER['SERVER_NAME'];

    // possibly subfolder + "administration"

    $url .= rtrim(dirname(dirname($_SERVER['SCRIPT_NAME'])), '/') . '/administration';

    // forwarding

    header('Location: ' . $url);

Go to the directory Administration / htaccess

write this code in the .htaccess:

Rewrite Engine On

RewriteCond %{HTTP_COOKIE} !accesscookie=accessallowed [NC]

RewriteRule .* - [R=404,NC,L]

If you like.