2. Rename your /admin folder
It is recommended for additional security that you rename your admin
directory after installation. This way, it will be significantly harder for hackers to find your admin area or attempt any attack on breaking into it.
(Before making the following changes, make sure to have a current backup of your files and your database.)
A - Open your admin/includes/configure.php, using a simple text editor like notepad. Change all instances of admin
to your chosen new admin folder-name. For maximum security, you may want to consider that new folder name should include numbers and a combination of upper and lower case letters. The longer you make this folder's name the more secure it will be. Make sure you leave all the / intact.
Change this section:
And this section:
B - Find your Zen Cart™ /admin/
directory, using your FTP software or your webhost File Manager
. Rename the directory to match the settings you just made in step A.
C - To login to your admin system you will now have to visit a new URL that matches the new name used in steps A and B above. For example instead of visiting http://www.example.com/admin/
. Use of SSL
is highly recommended to protect you and your customers' information. To protect the new admin folder name from packet sniffers
, use https in the example link above (this of course depends on your server having an SSL certificate installed).
D - You should also protect your admin area by using an .htaccess
file similar to the one shown below
, and placing it into /admin/includes
. This should already exist in Zen Cart™ versions 1.2.7 and greater.