Password Protect the Admin Directory

[shay75]

Add a second layer of protection to the admin directory by setting up .htaccess password protection. Most users can do this via the Password Protect Directories option in cPanel. Remember to keep your .htaccess username/password distinct and unique.

________________________________________________________________________

 

I do not have cPanel

I have Direct Admin

 

How do I do that Direct Admin? Or what code I put in .htaccess ?

[shay75]

I found how to do it

But insert the password it is only one time I want every time you go into to admin ask for the password

[shay75]

Action has to do cron job?

cron job for protect directories

[And then there was one les]

ht authentication uses session cookies to keep track of the authenticated session. You would need to expire the session when the admin leaves the admin area this isn't impossible but it may not be practical in a production environment.

 

It will soon become a mind numbing chore to have to authenticate every single time you return to the admin area. For occasional use sure its viable, but as your client base grows you are going to be in and out of the admin area a great deal.

[Alex - Arvixe]

One recommended step for further admin security is changing the actual admin directory so others can't locate it in the first place. I've written a guide on how to do so here: http://blog.arvixe.com/whmcs-changing-admin-directory/