MyAAC 1.8.8 - hide admin panel

Gover

Hello,
Maybe someone has a better idea for hiding the /admin panel on a MyAAC website - I would be more than happy to hear your opinions.

I was thinking that giving users access to the login page of the admin panel is a way to let them try to break the server.

I could change /admin to something else to hide it, or put Cloudflare on this URL as anti-brute-force protection - but finally I decided to hide it (block it) in nginx.

But I found an idea to maybe block it using nginx - I would like to know if that is a good way to do it, or maybe I am overthinking it and there is a much simpler way to achieve that.

I'm using a block like this in the nginx site config (server section):
PHP:
    location /admin {
        allow 0.0.0.0;
        deny all;

        try_files $uri $uri/ /index.php?$args;
    }

And a simple script that allows you to open access to the admin panel using one command (openadmin 10.10.10.10). The script file is of course in /usr/local/bin with the correct execute permissions:

Bash:
#!/bin/bash

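NGINX_SITE="/etc/nginx/sites-available/site"
# mktemp gives an unpredictable name; a fixed path in /tmp is unsafe for a script run as root
TEMP_FILE="$(mktemp)" || exit 1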

# Find if there is a parameter
if [ -z "$1" ]; then
    echo "Usage: sudo openadmin <IP_ADDRESS>"
    exit 1
fi

IP=$1

# Simple IP validation (IPv4)
if ! [[ $IP =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
    echo "Invalid IP address format."
    exit 1
fi

# Change location /admin block in main nginx file
# Finding a correct place: location /admin { ... } and replace the allow
awk -v ip="$IP" '
  BEGIN {inside=0}
  /location \/admin/ {inside=1; print; next}
  inside && /allow/ {print "    allow " ip ";"; next}
  inside && /deny all/ {print "    deny all;"; inside=0; next}
  {print}
' "$NGINX_SITE" > "$TEMP_FILE"

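# Keep a backup, then change the original file
cp "$NGINX_SITE" "$NGINX_SITE.bak"
cp "$TEMP_FILE" "$NGINX_SITE"
rm "$TEMP_FILE"

# Verify nginx configuration; restore the backup if the test fails
if ! nginx -t; then
    cp "$NGINX_SITE.bak" "$NGINX_SITE"
    echo "Error: nginx configuration test failed. Changes not applied."
    exit 1
fi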

# Reload nginx
systemctl reload nginx

echo "Admin panel opened for IP: $IP"

and the second one to close the access:

Bash:
#!/bin/bash

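NGINX_SITE="/etc/nginx/sites-available/site"
# mktemp gives an unpredictable name; a fixed path in /tmp is unsafe for a script run as root
TEMP_FILE="$(mktemp)" || exit 1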

# Change allow to "allow 0.0.0.0;" so it should block all ips
awk '
  BEGIN {inside=0}
  /location \/admin/ {inside=1; print; next}
  inside && /allow/ {print "    allow 0.0.0.0;"; next}
  inside && /deny all/ {print; inside=0; next}
  {print}
' "$NGINX_SITE" > "$TEMP_FILE"

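# Keep a backup, then change the original file
cp "$NGINX_SITE" "$NGINX_SITE.bak"
cp "$TEMP_FILE" "$NGINX_SITE"
rm "$TEMP_FILE"

# Verify nginx configuration; restore the backup if the test fails
if ! nginx -t; then
    cp "$NGINX_SITE.bak" "$NGINX_SITE"
    echo "Error: nginx configuration test failed. Changes not applied."
    exit 1
fi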

systemctl reload nginx

echo "Admin panel closed for everyone"


Any suggestions are very welcome. If you want to use it on your server, you are welcome to.

Regards,
Gover
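
A hardened variant of the two scripts above, as an added example that is not part of the original post: one function serves both open and close, the IPv4 check rejects octets above 255 (the posted regex accepts 999.999.999.999), and the edit is refused unless exactly one allow line is found inside the location /admin block. The function names and the POSIX sh style are assumptions of this example.

```bash
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# Succeeds only for dotted-quad IPv4 with four octets, each 0..255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; safe, input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# set_admin_allow <nginx-site-file> <ip>
# Rewrites the single "allow" line inside "location /admin { ... }".
# Pass 0.0.0.0 to close the panel again, as the post's second script does.
set_admin_allow() {
    conf=$1 ip=$2
    valid_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 2; }
    # Temp file next to the config: unpredictable name, and mv stays atomic.
    # Note: the result keeps mktemp's 0600 mode.
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    if awk -v ip="$ip" '
        /location[ \t]+\/admin[ \t]*[{]/ { inside = 1 }
        inside && /^[ \t]*allow[ \t]/ {
            sub(/allow[ \t]+[^;]*;/, "allow " ip ";"); changed++
        }
        inside && /}/ { inside = 0 }
        { print }
        END { exit (changed == 1 ? 0 : 1) }
    ' "$conf" > "$tmp"; then
        mv "$tmp" "$conf"
    else
        rm -f "$tmp"
        echo "expected exactly one allow line in location /admin" >&2
        return 1
    fi
}

# Usage: set_admin_allow /etc/nginx/sites-available/site 10.10.10.10 \
#            && nginx -t && systemctl reload nginx
```
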
 
I'm not a big fan of doing this, but if you really want to restrict access to the admin folder, then you can adjust this variable in common.php:

PHP:
const ADMIN_PANEL_FOLDER = 'admin';

Change it as you wish, and after that you also need to rename the admin folder itself.

#edit
Ah, I thought it's a support thread, now I noticed it's in tutorials. :p

Then take my words as an alternative to the thread starter's approach.
 