School Assignment? Project Due Tomorrow? Chat LIVE With A Programming Expert!

Dream.In.Code > Programming Help > PHP > PHP Programmers

Welcome to Dream.In.Code
	Become an Expert! Join 307,131 Programmers for FREE! Get instant access to thousands of experts, tutorials, code snippets, and more! There are 2,053 people online right now. Registration is fast and FREE... Join Now! Chat LIVE With a Expert

Staff Logins

Staff Logins, Hidden versus visible, but not for a public account system.

ShaneK	21 Sep, 2009 - 07:42 AM Post #1
require_once("brain.php"); //Fatal error :/ Joined: 10 May, 2009 Posts: 701 Thanked: 47 times Dream Kudos: 75 Expert In: PHP, MySQL My Contributions	Alrighty then, I'd like to discuss staff logins in this thread. Soon enough I'll have to make one and I can't decide if I should make it obvious that there's a login panel or if I should hide it somewhere (like using the rewrite mod and "hiding" it at /login/ or something). There are pros and cons to each, and I'd like to know which is better. Hiding Pros Not as many "hack" attempts Doesn't have the ugly login interface on the main page Cons Makes it harder for actual staff to login (Saying they're not computer savvy...) Some believe that if "hackers" find a "hidden" login panel they'll try harder to break into it Not hiding Pros Makes it easier for non-tech-savvy staff to login Cons Makes it more obvious that there's something hidden Draws "script kiddie" hacker attacks as well as real ones... So, any discussion? I don't believe the people I'm working with will be tech savvy, so this honestly makes me think. I'd like to know opinions Yours, Shane~ This post has been edited by ShaneK: 21 Sep, 2009 - 07:44 AM
	This Post Was Helpful!

Register for Free to Make These Ads Go Away!

Wimpy	RE: Staff Logins 21 Sep, 2009 - 09:41 AM Post #2
I feel happy... singing Joined: 2 May, 2009 Posts: 958 Thanked: 132 times Dream Kudos: 75 My Contributions	If you are afraid of attacks you shouldn't create an administration panel at all because a script kiddie would probably try a few urls himself before giving up trying to find the login-page. Secure your application instead and let them see that there is a login page, they will probably just get bored when they don't succeed with breaking through your logic... And also, even if the "staff" isn't tech savvy they would probably learn to add the extra "/Login" after the domain url quite fast, even more likely is that they would add it to their favorites / bookmarks or something like that.
	This Post Was Helpful!

ShaneK	RE: Staff Logins 21 Sep, 2009 - 10:13 AM Post #3
require_once("brain.php"); //Fatal error :/ Joined: 10 May, 2009 Posts: 701 Thanked: 47 times Dream Kudos: 75 Expert In: PHP, MySQL My Contributions	Yeah, the /login/ was simply an example Of course I'd never be that insecure. <Assuming I wanted it hidden> Yours, Shane~ This post has been edited by ShaneK: 21 Sep, 2009 - 10:13 AM
	This Post Was Helpful!

Wimpy	RE: Staff Logins 22 Sep, 2009 - 08:49 AM Post #4
I feel happy... singing Joined: 2 May, 2009 Posts: 958 Thanked: 132 times Dream Kudos: 75 My Contributions	Assuming you wanted it to be hidden you would simply just have to tell the staff how to gain access to the login-page! I would probably put it on a sub domain or something similar ( http://admin.example.com/ ). QUOTE(ShaneK @ 21 Sep, 2009 - 08:13 PM) Yeah, the /login/ was simply an example Of course I'd never be that insecure. <Assuming I wanted it hidden> Yours, Shane~
	This Post Was Helpful!

Fast Reply

Reply to this topic

Start new topic

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Time is now: 11/21/09 02:43PM

Invision Power Board v2.1.7 © 2009 IPS, Inc.

Licensed to: MediaGroup1

Advertising | Terms of Use | Privacy Policy | About Us | Site Map

Advertise on this site through Lake Quincy Media

Forum Index: Programming Help | C and C++ | VB6 | Java | VB.NET | C# | ASP.NET | PHP | ColdFusion | Perl and Python | Ruby | Databases | Other Languages | Game Programming | Mobile Development | Software Development | Computer Science | Industry News | Programming Tutorials | C++ Tutorials | Visual Basic Tutorials | Java Tutorials | VB.NET Tutorials | C# Tutorials | Linux Tutorials | PHP Tutorials | ColdFusion Tutorials | Windows Tutorials | HTML/JavaScript Tutorials | CSS Tutorials | Flash Tutorials | Web Promotion Tutorials | Graphic Design & Photoshop Tutorials | Software Development Tutorials | Database Tutorials | Other Language Tutorials | ASP.NET Tutorials | Game Programming Tutorials | WPF & Silverlight Tutorials |

Copyright 2001-2008 MediaGroup1 LLC, All Rights Reserved
A MediaGroup1 LLC Production - Version 6.0.2.1.36
Server: secure2

Search^Updated!w00t

Over 509,000 Pages! Advanced Forum Search

Live Help!

Be Social

Tutorials

Programming

Web Development

Reference Sheets

Code Snippets

DIC Chatroom

Join our IRC Chat

Bye Bye Ads

Monthly Drawing

Top Contributors

Top 10 Kudos This Month