Linux - Opencart SECURITY TIP 6
Check out our other Blog posts!
Linux BlogSECURITY TIP # 6: RESTRICT ACCESS TO YOUR ADMIN AREA BY IP
With the .htaccess file you been working with in other tips you can create what called an ACL (access control list) to deny access to the admin area who IP address is not in the ACL. You could do this for your main site as well (Not recommended - We suggest Tip 5 if that type of restriction is needed)
Yes Virginia you can spook IP. What is the likely hood that out of the millions of public IP’s they will guess the one or five in this file? Pretty darn low folks. The issue we see that happens most of the time is you use an ISP that uses a dynamic head in IP and it changes. Or you go to a coffee shop and cannot access your site.
If that happens you simply ftp/SFTP into your site and REM out the ACL with # signs.
Now to the good stuff how to do this
- Go to whatismyip.org and gather your IP address.
- FTP/SFTP into your site and download your .htaccess in your admin folder
- If no .htaccess is in your admin folder then you will have to create one.
- Open your .htaccess in a text editor or If there was no .htaccess is in your admin folder create a new one.
- Add these lines
# ACL access to your Admin folder
deny from all
allow from X.X.X.X
- Save the file
- Upload it back into the admin folder.