banner
阿珏酱

阿珏酱

乘上与平常相反的电车,去看看那未曾见过的风景
twitter
github
facebook
bilibili
zhihu
steam_profiles
youtube
HomeArchives友人帐留言板投喂❤关于我

Exposing the backend address of a website is a very dangerous thing.

39
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
This article warns about the dangers of exposing a website's backend address and provides steps to change the default backend path in the emlog blog system for better security. It emphasizes the importance of protecting oneself in the complex world of the internet.

Tips: When you see this prompt, it means that the current article has been migrated from the original emlog blog system to here. The publication date of the article is quite old, and the formatting and content may not be complete. Please understand.

Exposing the backend address of a website is a very dangerous thing

Date: 2017-4-30 Author: A Jue Views: 3982 Comments: 3

Exposing a website's backend address is a very dangerous thing. For example, the backend address of my website is: Admin Login


The internet is a complex world, and every webmaster must learn to protect themselves.

The default backend path of emlog is the admin directory, which exposes important information very blatantly.

Changing the default backend path involves three steps:


Open the admin directory, find globals.php, and open it with editplus or another editor. If you want to use Notepad, that's fine too. ^_^ Consequences are not my responsibility.


Rename the admin folder to whatever you want, for example, xxxx or something like that.

Open the admin/globals.php file, which may now be xxxx /globals.php.

Modify line 9 of the code:

Change admin to the new name you set, xxxx :

Step three: After refreshing the backend login, hide "Login" in the navigation settings; otherwise, clicking it will result in a 404 error, which is quite annoying.


Resolving some aftereffects: #

1. After changing the backend path, the emoticon images in microblogging cannot be displayed. The solution is:

Open include/lib/function.base.php , find

Replace admin with xxxx :


2. If there is no new avatar uploaded in the personal settings of the backend, the microblogging avatar will also not display on the frontend. The solution is:

Open t/index.php , find

Replace admin with xxxx :

Then open the template's t.php , which is content/templates/template_name/t.php , find

Replace admin with xxxx :


3. Resolve the link issue of the "click to return" button when the template is damaged, default admin, which results in an error when clicked:

Open include/lib/view.php , find

Replace admin with xxxx :


4. Resolve the link issue of the edit button on the article list page,

Open the template's module.php file, find

Replace admin with xxxx :

Alright, the tutorial is over. Go do what you need to do!

Of course, the aftereffects are not limited to the few I listed above.

To modify this, the website has been cleared and restored many times, it's exhausting!

User Comments:

image Pipi Shrimp 3 years ago (2018-06-20)
[#aru_3] It's the middle of the night.

image Butterfly 3 years ago (2018-03-31)
The avatar displayed in the comment section seems to need to be changed to show.

image Rabbit 4 years ago (2017-08-18)
What is ctf? = =

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.