Admin Security (.htaccess and login page)

**ddecjc** · 09-14-2004, 03:28 AM

I have been reading everything I can find about securing my new MAX 1.7 install, and I'd like to verify something. Based on what I've read, it appears that the admin login feature is intended more as a way to give different users or groups different admin privileges than an actual security system to keep unwanted people out of the admin section. For true security, I should still use .htaccess and move/rename the admin folder.

Am I right on this?

Thanks.

**ddecjc** · 09-14-2004, 11:24 AM

Nobody has any words of wisdom on this one???

**michael_s** · 09-14-2004, 11:25 AM

The admin login is a good basic security measure. If you want extra security, you should also use .htaccess and move it to a different directory. It all depends on how much security you require...

**ddecjc** · 09-14-2004, 12:32 PM

Thanks for the feedback.

So, I should be able to infer that a fairly decent solution might be to use the admin login and move/rename the admin folder? Obviously nobody can guarantee anything for anyone, but it sounds like I could expect reasonable results from such an approach.