How best to secure admin directory?

Leonardo Crespo leo at leocrespo.com
Fri Apr 9 07:20:18 MSD 2010


> I'm not sure it's a "great security". There is a lot of spywares in browsers
> (the Google Toolbar for example) which will inform about the used address.

That's true... would you recommend just having authentication on that
location instead?

> Outch. I hope your "php includes" doesn't use HTTP to load files...

It doesn't, they're all include(); directives.

Cheers Oliver!

Leo

On Fri, Apr 9, 2010 at 12:12 PM, Olivier B. <nginx.list at daevel.fr> wrote:
> On 09/04/2010 03:47, Leonardo Crespo wrote:
>>
>> Morning guys!
>>
>> Can anyone help with best practice to secure an /portal/admin
>> directory? A link to documentation will do just fine.
>>
>> Our website has and /admin directory which don't want to be accessible
>> via www.domain.com/portal/admin. Instead, we want hackoff.domain.com
>> to point to /portal/admin directory. If we could add authentication to
>> hackoff.domain.com would be great too.
>>
>
> I'm not sure it's a "great security". There is a lot of spywares in browsers
> (the Google Toolbar for example) which will inform about the used address.
>
>> The point is some files on www.domain.com/* include (php include)
>> files on /portal/admin, so this has to work internally.
>>
>
> Outch. I hope your "php includes" doesn't use HTTP to load files...
>
>> I searched the wiki and this website https://calomel.org/nginx.html
>> (which is great too) but I couldn't figure out a way to do this.
>>
>> Any ideas are very welcomed.
>>
>> Cheers!
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://nginx.org/mailman/listinfo/nginx
>>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
>



More information about the nginx mailing list