How to hide admin user of your forum
#1

In the scenario where your forum is a target for a hacker, they will often target the super administrator/main administrator account as it will usually have the most, or even full, permissions.

In this tutorial I'll show you how you can protect your forum with "security through obscurity". This is often an overlooked technique but when used correctly you can benefit from it greatly.

The first thing you want to do is create a new usergroup with the same permissions as the administrator group. Name the group "Registered" or "Members" and make the usergroup style the same as default members group. From the outside it will look like the users in that group are regular members.

After you have created the group, you want to create a new user to put into that group. The user should look like any other member, with a secure password. Change the usergroup of the user to the one you created earlier. This user will primarily be used for administrative tasks.

The next thing you want to do is revoke the administrator permissions of the original admin usergroup. Edit the usergroup and uncheck the box "Yes, users of this group can access the admin CP". The usergroup will essentially be a super moderator group.

From this point onwards, you will not be able to log into the Admin CP via your account. You'll have to use the hidden administrator account. This trick will work well as long as you don't reveal the fact you've applied this method to anyone outside of the administration team.

OP- Nathan Malcom
Reply
#2

Full security guide - https://smarthelpguides.com/20-tips-ulti...m-hackers/
Reply