how to rename your admin folder

One recommended security step to take with any oscommerce-based e-commerce store is to rename the admin folder so it is harder for the uninvited to drop in.

Steps to take:

  • Choose new name
    Or don’t and use a randomiser like the PCTools Password Generator to make a new admin folder name of 8 or more characters for you. Use a mix of letters, cases, numbers and some symbols (avoid \ | / ‘ and ” however.) Copy it to the Clipboard so you can paste it in the next steps.
  • Although a 'hard-to-guess' admin name is good, 24-characters seems excessive.
  • Make the change
    Access your Store through your control panel or an (s)ftp connection, click the Rename button (or use right click ‘rename’) and paste in the new name.
    Refresh the display (or close and reopen the (s)ftp connection) to see the change take effect.
  • Update your ‘admin’/includes/configure.php file
    You may have to change the permission settings to be able to make the following change – ’666′ or ‘Read/Write all groups’ is usually enough.
    Check the file for entries with /admin/ in the paths. Use Find and Replace to change all of these /admin/ entries to /new name/.
    Save the file and change permissions back to ’444′ or ‘Read only all groups.’
  • Update any ‘admin’ bookmarks
    If you have the old admin panel bookmark in your browser(s) now’s the time to update these to reflect the new ‘admin’ folder name.
  • Don’t include references to the new ‘admin’ folder in the robots.txt file
    The /catalog/robots.txt file is a popular reference for would-be hackers to see which parts of your store you don’t want the bots to visit. Avoid mentioning the new ‘admin’ folder in this file. There are other ways of diverting bots attention away from areas of your store you may want to keep better hidden than others.

There’s more here about securing your admin – and although these steps do not guarantee 100% certain defence against the determined hacker, they will raise the bar out of the reach of ‘script kiddies’ and others who are looking for easy targets. 7JP9H7JXBRDZ