Level 54
@p81cfm using .htaccess and .htpasswd is still a valid way of protecting a directory in production.
I would also suspect your cpanel-admin has a login screen and authentication.
Jan 9, 2021
6
Level 1
Control Panel in a directory protected
Hi guys,
I'm about to go online with a small app which uses a control panel contains in the directory /cpanel-admin/.
In the prehistoric period of my PHP "career" I used to use .htaccess and .htpasswd to protect the entire folder with the control panel.
Is there anything similar and very secure once you go online ?
Cheers
Level 1
Thanks for your answer,
I used to have an automatic password prompt at the browser level.
Do you think is still ok to use?
Thanks
Level 54
yeah. that sounds like the restriction is being applied via your httpd-vhosts configuration which is perfectly fine.
You can also enhance by restricting the directory to specific IP range, which will prevent bots trying to work out your password as they wont even get the password prompt.
Level 1
Thanks a lot,
can I restrict the bots by using the .htaccess and .htpasswd files?
Level 1
I was just trying to sorting out this issue online and I did not manage to get htpasswd working.
According to your experience is it possible by simply setting the two files .htaccess and .htpasswd in the proper folder obtain a protection of the entire folder and sub folders?
Level 54
you may be best to ask whoever is managing your hosting about this.
Please or to participate in this conversation.