This article will take the joomla! background link as an example to explain how to "modify" our back-end links to make it more secure.
Principle: Register the session with a specific file for the background entry, otherwise fail to exit. That is, directly using the original background address will not be able to login backstage. In this way, the diversity and variability of the entry filenames will provide a more secure environment for your background login.
First, entry file: myadmin.php (file name can be changed at any time)
Role: Register session. The source code is as follows:
Copy CodeThe code is as follows:
Session_name ("Zjmainstay"); Session name can be changed, note the corresponding
Session_Start ();
$_session[' admin_user '] = "Y"; Session variable name can be changed, note the corresponding
Session_write_close ();
?>
[HTML]
Second, modify the background entrance file:/administrator/index.php (can be any CMS entry file start)
Function: Use session control to enter. The source code is as follows:
[Code]
Define (' _jexec ', 1); Original File Line 9
Define (' DS ', directory_separator); Original file Line 10
Add
Session_name ("Zjmainstay");
Session_Start ();
$ok _to_browse = ($_session[' admin_user '] = = "Y");
if (! $ok _to_browse) {
Header ("content-type:text/html; Charset=utf-8 ");
Exit (' Deny illegal access! ');
}else{
$_session[' admin_user '] = "Y"; Use of continuation session
Session_write_close ();
}
ADD End
Login Example: http://www.youdomain.com/myadmin.php
After carriage return will automatically jump to: http://www.youdomain.com/administrator/(original background login address)
Direct input: http://www.youdomain.com/administrator/will prompt ' deny illegal access ' and exit.
Author: Zjmainstay
Source: http://www.cnblogs.com/Zjmainstay/
http://www.bkjia.com/PHPjc/325927.html www.bkjia.com true http://www.bkjia.com/PHPjc/325927.html techarticle This article will take the joomla! background link as an example to explain how to "modify" our back-end links to make it more secure. Principle: Register the session with a specific file for the background entry, otherwise fail to return ...