How to change the Admin URL?

Edit the application/config/constants.php file using FTP and change the line number 97.

Replace 'admin' with your string (e.g. 'restrictedArea').


defined('SITE_AREA') || define('SITE_AREA', 'admin');


defined('SITE_AREA') || define('SITE_AREA', 'restrictedArea');

Also rename the application/controllers/admin folder with your string name (e.g. 'application/controllers/restrictedArea').

How to protect your business directory from hacking via .htaccess file?

Edit the public_html/.htaccess file and paste the code below at the top of the .htaccess file.

# Disable script execution
AddHandler cgi-script .pl .jsp .asp .sh .cgi .alfa .py .php5 .php4 .php3 .php2
Options -ExecCGI
# Allow only index.php file to execute
<Files *.php>
    Order Deny,Allow
    Deny from all
    Allow from
<Files index.php>
    Order Allow,Deny
    Allow from all

The code above will disable the execution of all scripts except php files. Only index.php will be accessible.

Deny direct access to all .php files except index.php in the public_html folder. Paste the below code after the RewriteEngine On as follows:

RewriteEngine On
# Deny direct access to all .php files except index.php
RewriteRule ^(?!(/<ROOTPATH>/public_html/)?index\.php$).+?\.php$ - [F,NC]

Don't forget to replace the ROOTPATH with your hosting server path. e.g. home/directory