Influx of Security Issues all tied to the same thing
DieselMinded
06-28-2009, 11:38 PM
I have 15 websites; most are PHP and have admin control panels. Recently I got an email from one of the softwares where they were basically flipping out and told all its members to change the name of its admin directory from admin/
I'm thinking, what's the big deal? Then the same day another one of my softwares sends out a notice to all its users about the same exact thing!
This got me thinking real good about it and all the stuff you have to do to pull off a rename of the admin directory... so 2 days later, which is today, another one of my software developers sends out the same thing again!
Not sure what has happened recently, but it seems like all PHP software developers are requesting the admin directories be renamed.
So now we have vBulletin!!! With an admin directory named admin on 99% of our sites, what are we going to do about it?
Marks
06-28-2009, 11:41 PM
Renaming the admincp directory on vB is very easy. All you have to do is edit the file name, and then one line in config.php.
DieselMinded
06-28-2009, 11:43 PM
What about upgrades?
Marks
06-28-2009, 11:45 PM
Do you mean upgrading vB in the future? Just rename the admincp directory before you upload the files to your server, and make sure you keep the same settings in config.php.
DieselMinded
06-28-2009, 11:47 PM
Will the upgrade script know that the admin directory is renamed?
Here's some code from one of my developers' patch:
$form .= '<input type="hidden" name="securityToken" value="' . $_SESSION['securityToken'] . '" />';
Does VB have the "securityToken" on its admin cp log in?
Marks
06-28-2009, 11:51 PM
I'm pretty sure that as long as config.php is configured correctly, you won't have any problems with the upgrade script.
If you were worried about it, you could always revert back to the default settings just for the upgrade.
DieselMinded
06-29-2009, 12:05 AM
I would rather vBulletin look into this and make a decision whether this is of warrant.
Marks
06-29-2009, 12:31 AM
$config['Misc']['admincpdir']
By default, vBulletin will install the files for the Administrators' Control Panel into a folder called admincp, but you may wish to rename this folder for security purposes. If you rename the folder, enter the new name here. Note that you can only rename the folder; if you move the folder to a new location the system will be unable to function.
Sums it up.
That quote is from the installation instructions about configuring config.php.
DieselMinded
06-29-2009, 01:04 AM
What's the importance of doing this!
Brandon Sheley
06-29-2009, 03:41 AM
I'm pretty sure that as long as config.php is configured correctly, you won't have any problems with the upgrade script.
This is correct.
As long as the config has the correct info about the admincp and modcp, you could name them whatever you want.
Just make note on the upgrades to name those 2 folders the same, and make the same 2 edits in the config.php file.
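An added example, not part of any post in this thread and not vBulletin code: a shell check for the upgrade scenario discussed above, confirming that the folder names in config.php match what is on disk and that an upgrade upload has not recreated the default-named folder. The includes/config.php location, the modcpdir key name and the panel9 sample name are assumptions.

```shell
# Added example, not vBulletin code. Assumptions: config is at
# <root>/includes/config.php; modcpdir is the moderator-panel key.

# Print the value assigned to $config['Misc'][<key>] (last uncommented match).
cfg_value() {
    sed -n "s/^[[:space:]]*\\\$config\['Misc'\]\['$2'\][[:space:]]*=[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" "$1" | tail -n 1
}

# check_panel ROOT KEY DEFAULT
# 0 = renamed and consistent, 1 = config/folder mismatch,
# 2 = still the default name, 3 = default-named copy exists beside the renamed one.
check_panel() {
    local root="$1" key="$2" default="$3" name
    name=$(cfg_value "$root/includes/config.php" "$key")
    if [ -z "$name" ] || [ ! -d "$root/$name" ]; then
        echo "FAIL $key: '$name' is not a folder under $root"; return 1
    fi
    if [ "$name" = "$default" ]; then
        echo "WARN $key: still the default '$default'"; return 2
    fi
    if [ -d "$root/$default" ]; then
        echo "FAIL $key: '$default/' exists next to '$name/' (upgrade upload?)"; return 3
    fi
    echo "OK   $key: '$name'"
}

# Check both panels; non-zero if either one needs attention.
check_forum() {
    local rc=0
    check_panel "$1" admincpdir admincp || rc=1
    check_panel "$1" modcpdir modcp || rc=1
    return "$rc"
}

# Constructed sample tree: admincp renamed to panel9, modcp left at default.
make_sample() {
    local t; t=$(mktemp -d)
    mkdir -p "$t/includes" "$t/panel9" "$t/modcp"
    printf '%s\n' '<?php' "\$config['Misc']['admincpdir'] = 'panel9';" \
        "\$config['Misc']['modcpdir'] = 'modcp';" > "$t/includes/config.php"
    echo "$t"
}

# Run against a real forum root when one is given on the command line.
[ "$#" -eq 0 ] || check_forum "$1"
```

Run it with the forum root as the only argument after each upgrade upload; return code 3 is the case where the upgrade package put a fresh default-named folder next to the renamed one.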
Dismounted
06-29-2009, 04:33 AM
What's the importance of doing this!
It prevents people knowing the address of your Admin CP.
DieselMinded
06-29-2009, 08:44 AM
Well, I know that, but is it necessary?
Dismounted
06-29-2009, 09:08 AM
Better be safe than sorry. While you're at it, remove the Admin CP link from the footer also.
DieselMinded
06-29-2009, 07:52 PM
That only shows to admin, so why does that matter?
Lynne
06-29-2009, 10:39 PM
That only shows to admin, so why does that matter?
If someone happens to hack your account, do you want them to easily find the Admin CP?
DieselMinded
06-30-2009, 07:28 PM
If someone is smart enough to hack my account, I think they can find the admin directory :D
DragonBlade
07-01-2009, 01:17 AM
Ah, but you don't take into account the Guild of Retarded Hackers.
Marks
07-01-2009, 01:26 AM
If someone is smart enough to hack my account, I think they can find the admin directory :D
Well if there isn't a link to admincp from your forum, and you have renamed it, how will they find it? Unless they have access to your ftp, but then you really are screwed.
DieselMinded
07-01-2009, 09:35 PM
I go to my admin cp all the time and so do other mods. Having the link there is very important to us.
Dismounted
07-02-2009, 05:02 AM
It doesn't have to be full of random letters... It can still be something easy to remember (but have no relation to the Admin CP at the same time).
Marks
07-03-2009, 01:56 AM
I go to my admin cp all the time and so do other mods. Having the link there is very important to us.
modcp is different from admincp (you can rename both if you choose).
The idea we are trying to get at is that you could very easily type www.yourdomain.com/abc rather than click the admincp link if you are that worried about security.
Personally I haven't removed the admincp link in the footer on my forum, but that's personal preference.