We are thankful to Mourad for this tutorial.
As we know Discuz default configurations allow anyone to access the admin page by directly accesing that url www.example.com/admin.php
So to prevent non-admin to direct access the admin page just open "admin.php" with a text editor and search for:" $discuz->init(); "
Newline, and just add the following code:
if(!$_G['uid'] || !getstatus($_G['member']['allowadmincp'], 1)) {
header('Location: /');
}
then save the file that all.
Now if non-admin try to access the admin page they will be redirected to the home page, and if you would redirect them to any other page (like a external page or a fake admin page) just change the slash " / " by your link.
No comments:
Post a Comment