Richard, I would use your webserver's capabilities to restrict requests to that path to be over SSL. I believe this is fairly easy to do with Apache, and I have a vague idea of how to do it with nginx. Unfortunately, I don't do it that often and so I can't provide you any snippets.
Sean Richard Hurt wrote: > Now that I have my Radiant powered site up and running (thank you very > much!) I am getting a bit anxious about the /admin page being exposed to the > world. Not that I'm a big target or anything, but I really don't want to > have to depend on my password skills to make sure my site stays the way it > is. What I would like to do is two fold. > > First I want to for the /admin page to be SSL only. What's the best way to > go about this? I am going to have a self signed certificate for now as it's > only me doing the editing, but I would like to keep the editing sessions > private. At the very least I have to secure the initial logon page, even if > I don't secure the entire /admin/... route. > > Second I would like to change the admin route from /admin to something else, > maybe /edit, or /blahblah. What's the best|easiest way to do this? I know > security by obscurity is no security at all, but I would like to at least > give the script kiddies something to chew on. :) > > Thanx! > Richard > > P.S. I apologize if this is in the Wiki - I searched but couldn't find > anything on it. I'll update the Wiki if I get it working. How's that? :) > _______________________________________________ > Radiant mailing list > Post: [email protected] > Search: http://radiantcms.org/mailing-list/search/ > Site: http://lists.radiantcms.org/mailman/listinfo/radiant > > _______________________________________________ Radiant mailing list Post: [email protected] Search: http://radiantcms.org/mailing-list/search/ Site: http://lists.radiantcms.org/mailman/listinfo/radiant
