CODEWITHSUNDEEP
phpwebadmin
Davit
Davit

Reputation: 1373

What way let website administrators enter control panel?

I have a website made in PHP, MySQL and stuff. I am using url rewrites in my website so an administrator needs to go to http://{website}.com/admin/ and enter his/her username and password there to get to control panel where he/she updates the most of website, including language files, etc.

Now I'm wondering in what way should I let this website administrators access http://{website}.com/admin.

Should they really go to that link? /admin? Because I have heard this is not the most recommended way and I think most of today's websites manage to do this in different way? Some specially created desktop app? Other?

Please let me know what is really the most recommended way to do this.

Upvotes: 2

Views: 812

Answers (3)

Gopal Sharma
Gopal Sharma

Reputation: 825

The way you want to access the site as a admin is mostly used , cms i.e. content management sites are the best example for that, But as you have mentioned that you are using Php,mysql, so i will advice you to use a framework like yii,joomla,wordpress etc, which helps the admin to manage site from the remote location as well like http://www.foo.com/admin.php. or similar one, I recommend you yii, wordpress both are opensource i.e. free, for yii you must know MVC i.e Model View Controller. Just google yii or wordpress Go to their site download the file mostly in. Zip format extract in htdocs folder if using Wamp, For more tutorials use their forum or various tutorials are available on the internet.

Upvotes: 2

dmi3y
dmi3y

Reputation: 3522

Thats big question. Probably for secure enhancement better use something else than admin. I know some using subdomains like cms.website.com. But again if you really concerned about security that's should not be sufficient.

Upvotes: 0

Marcin Orlowski
Marcin Orlowski

Reputation: 75629

It is not recommended because it is most obvious. Still, if your security is there it is rather irrelevant what URL it would be. By not using /admin (but instead i.e. /a32mTT) you filter out some automated attempts, but that's mostly it. I'd not consider this "security" at all. From other hand, your users/admins may find problematic memorizing /a32mTT instead of /admin. And finally, if your security sucks, then once your URL leak you might get toasted quickly, so focus on real security first :)

Upvotes: 4

Related Questions