Web Wiz - Green Windows Web Hosting
Web Wiz Homepage Search Web Wiz

  New Posts New Posts RSS Feed - changes to common.asp & admin.asp
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

changes to common.asp & admin.asp
 Post Reply Post Reply
Author
  Topic Search Topic Search  Topic Options Topic Options
WebCity View Drop Down
Groupie
Groupie
Avatar

Joined: 11 December 2003
Location: United States
Status: Offline
Points: 154 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebCity Quote  Post ReplyReply Direct Link To This Post Topic: changes to common.asp & admin.asp
    Posted: 15 February 2011 at 5:09pm
I had a member brag he found the admin login page.  I checked and sure enough you can go to the /forum/admin.asp and get the login page.  I would like to see admin.asp file part of the common file so we can change the location of the admin login page.
 
Until then I would like to make the admin.ap point to a fake file name so it will get the oops page.  Only a admin that is loged into the forums will see the admin.asp login page once they click the admin link.
 
I also changed the common.asp file and the db files to 
 
common.asp file - line 4
<!-- #include file="_xyz_folder/xyz_filename.asp" -->
 
database_connection.asp or now the new xyz_filename.asp - line 63
<!-- #include file="xyz_settings.asp" -->
Back to Top
123Simples View Drop Down
Senior Member
Senior Member
Avatar

Joined: 08 July 2007
Location: United Kingdom
Status: Offline
Points: 1192 		Post Options Post Options   Thanks (0) Thanks(0)   Quote 123Simples Quote  Post ReplyReply Direct Link To This Post Posted: 15 February 2011 at 7:13pm
I'm not sure that this is such an issue. The link is as you say pretty standard, and without the username and password, it is redundant anyway. Until the admin username and password is entered, all they can see is the actual login page for the admin area - nothing else. In fact by altering the script and asp and database connection codes, you may be inadvertingly causing more problems than it is worth.
Visit 123 Simples Web Design
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 15 February 2011 at 8:47pm
The admin login page is not a secret and you can find many a reference to it in these forums as well as documentation going back some 8 years.

The admin login has a more secure login system that only admins can enter and does not support cookies like in the main forum. It also use CAPTCHA to prevent brute force hacking. As long as you do not give the admin account some silly password like 'pa55word', 'qwerty', or some other easy to guess password no one will get in.

There is no point in renaming the common.asp file or the database_connection.asp file as these contain code that will only run server side and so can not be downloaded or the contents viewed.
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
 Post Reply Post Reply

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.08
Copyright ©2001-2026 Web Wiz Ltd.

Become a Fan on Facebook Follow us on X Connect with us on LinkedIn Web Wiz Blogs
About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Notice

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT at 20% unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.

Copyright ©2001-2026 Web Wiz Ltd. All rights reserved.