开发者

Drupal Administer

开发者 https://www.devze.com 2023-01-20 22:37 出处:网络
How to rename drupal\'s admin directory as I already have a 开发者_JS百科directory named \"admin\"?As Bleadedu pointed out, Drupal has no \"directories\" in its URL.

How to rename drupal's admin directory as I already have a 开发者_JS百科directory named "admin"?


As Bleadedu pointed out, Drupal has no "directories" in its URL.

The urls you see are all so called "clean urls", achieved with a nifty trick in Apache (the webserver) configuration. You could disable clean urls that will fix your problem, but may not be an option, if you rely on this feature for some reason.

Another option is to use path module to circumvent this issue. This has downsides too, most notably, the fact you need to manually change each url with admin in it.

The last option is to change the rewrite rules in Apache. This is hard to achieve and requires some knowledge of mod_rewrite.


you can't. simply because admin directory doesn't exist. it's just a url path (defined in all modules that have got a reference of it in hook_menu)

The only solution I have right now is to implements hook_menu_alter and redirect all menus that starts with admin/ somewhere else, but I can't say that it will work 100%.


Instead of changing the path of /admin, you should beef up security elsewhere.

First, finding out your site uses Drupal is a piece of cake.
Huge companies use Drupal, and don't change their /admin path.

Don't use User 1. Most of the time, there is no need for anyone to be using User 1. Even the highest of admins should be given a role, and certain permissions. User 1 should have a complicated long password, changed every (x) number of days or hours, but never actually used. I think there is also a module for this, but I can't remember off the top of my head because I just do this programmatically.

logintoboggan.module The Login Toboggan module will display the login form for Access denied pages

login_security.module

protect_critical_users.module

userprotect.module

session_limit.module

nodeaccess.module

Don't let direct access to update.php and cron.php. Create a cronjob to run via shell. -have them direct to forbidden/or a 404 with a search page

Use the tools in cpanel/whm or similar. Knock out bad login attempts and such.

There are a ton of other ways to beef up security in drupal.


I somehow forgot that you said "as I already have a directory named "admin". opps.

I think you would be wise to either alter that other directly instead, put it inside of another directory, or simply don't use it.

It is just going to be very messy. You would have to look into every single module to see if it needs adjusting.

Off the top of my head, the user.module will need to be altered, and also take a look at http://api.drupal.org/api/search/6/url_rewrite.

custom_url_rewrite_outbound and custom_url_rewrite_inbound will work, BUT you will still be able to access /admin by typing it in manually. You will get a forbidden if you stick a "admin" folder in your root.

All in all, I think it would be a messy venture, and you might get a lot of broken updates. Until something like this is offered in core, I wouldn't do it. Even if there was a module that could, I wouldn't use it.

*You will have to "Hack Core," and I don't think this justifies hacking the core.

0

精彩评论

暂无评论...
验证码 换一张
取 消