This is my blog about the trials and tribulations of setting up our web site.

Thursday, December 29, 2005

The purpose of renaming the admin directory

One of the first things you are told in osC is to rename the admin directory to something that people will not guess to protect it. Then most people add the line into their root/robots.txt file

Disallow: /new_admin_name

What this does is when you type in your URL and add robots.txt at the end, up pops a page that displays your new admin directory name (robots.txt files are viewable in a browser). This saves potential hackers from trying to guess what you changed it to.

The fix is when creating a robots.txt file in your root do NOT put the hidden/private directories in there. What you need to do is in your new admin directory create a new robots.txt file and add the lines;

User-agent: *
Disallow: /

This will keep the robots from indexing that directory and also keep your admin/private directory names hidden from the world adding the security that you were trying to gain.

0 Comments:

Post a Comment

<< Home