How to secure Admin Panel in PHP?

I have a website which has two panels....

1- For Normal user accessible through domain.com 2- For Admins and Moderators accessible through admin.domain.com

When I (or anyone) access admin panel using admin.domain.com. He will be asked to enter username and password...BUT

How can I make this only visible to me (any way of telling server.. hey I am admin show me that page) One approach came in my mind is to use the route filter for static ips, like hey

Laravel my name is 192.116.45.15... show me that page.

Another approach is to separate my whole admin from server and use it directly from my localhost.

Please tell some more approaches (by the way I use Laravel)

Answers


Rather than, doing any server configurations, why don't you use a security field. Say, along with Username and Password, can you please add a field PIN to the form. Anyways, this field is again known to you only. Also, you can use strong passwords to protect your admin panel.


If your approach is want the server differentiate before they login. You can set the admin page only able to accessible by admin user with (IP address).

If they had login from main page. You can get the user role session.

Role Level
1    Admin
2    Moderator
3    Member

If you don't want users to see the admin login page at all you could require special GET parameter that pretty much is a password. e.g. admin.domain.com/ would simply output nothing but admin.domain.com/?5q38cZxyaA would output the login page. As long as you dont publish the link anywhere this is as save as sending a password via post(so its as save as the following real login).


If you have ssh access to the server, you can run the administration panel on some different port say port 3000 and then block that port in firewall with a exception of your own ip.


Need Your Help

Lambda expression to return zero if null

c# lambda linq-to-objects

in my WPF application i used to add controls dynamically to a Canvas. The name format of the control is "Control_UniqueValue".

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.