This article will take joomla! background link as an example to explain how to "modify" our background link to make it more secure.
Principle: Register the session with a specific file for the background entry, otherwise the failure exits. Direct use of the original background address will not be able to log in the background. As a result, the diversity and variability of the entry file name will provide a more secure environment for your background login.
First, the entry file: myadmin.php (file name can be changed at any time)
Role: Register session. The source code is as follows:
Copy Code code as follows:
<?php
Session_name ("Zjmainstay"); The session name can be changed, note the corresponding
Session_Start ();
$_session[' admin_user ' = "Y"; Session variable name can be changed, note corresponding
Session_write_close ();
?>
<meta http-equiv= "Refresh" content= "0;url=http://www.youdomain.com/administrator/" >
[HTML]
Second, modify the background entry file:/administrator/index.php (can be any CMS of the entry file opening)
Function: Use session control to enter. The source code is as follows:
[Code]
Define (' _jexec ', 1); Original File Line 9
Define (' DS ', directory_separator); Original file Line 10
Add
Session_name ("Zjmainstay");
Session_Start ();
$ok _to_browse = ($_session[' admin_user '] = = "Y");
if (! $ok _to_browse) {
Header ("content-type:text/html; Charset=utf-8 ");
Exit (' Deny illegal access! ');
}else{
$_session[' admin_user ' = "Y"; Continuation of Session Usage
Session_write_close ();
}
Add End
Login Example: http://www.youdomain.com/myadmin.php
Auto-return will automatically jump to: http://www.youdomain.com/administrator/(original background login address)
and direct input: http://www.youdomain.com/administrator/will prompt ' deny illegal access ' and exit.
Author: Zjmainstay
Source: http://www.cnblogs.com/Zjmainstay/