Jump to content

How important is it to change the default admin url?


Robin S
 Share

Recommended Posts

Every time I do a new PW install I pause at the Admin Login URL field and wonder if I should be doing something here to improve security.

My thinking goes like this:

  • I'd like to place some sort of obstacle to discovering the admin URL to keep out nosy-parkers and casual abusers.
  • But I don't want to make things unnecessarily difficult for my editors, who shouldn't have to hunt out the URL or end up stuck if they need to edit the site on a device that doesn't have the admin URL bookmarked. In other words, it has to be something that can be remembered by a normal mortal.

In the end I just stick with the default /processwire/ URL because it seems a good trade-off in that it's not as obvious as /admin/ but is memorable. Also, it's a word that isn't a household name to the wider public but familiar to an editor has been working with the site for a while and looking at the PW logo in the admin banner.

Is there a best-practice around setting the admin URL? What are others of you doing with this? Is anyone setting admin URLs like /84tpt28hgs5y/ ?

Link to comment
Share on other sites

@cstevensjr: Do you always use the same URL or is it different for every site you develop? If it's different do you have a method for deciding what to use for the admin URL? BTW, I'm not requesting you reveal a real admin URL here.

Link to comment
Share on other sites

The admin URL is always based on something distinctly or uniquely associated with the client (so it's not hard for them or me to remember).  It's just a matter of knowing detailed information about the client or their business.  

  • Like 2
Link to comment
Share on other sites

The admin URL is always based on something distinctly or uniquely associated with the client (so it's not hard for them or me to remember).  It's just a matter of knowing detailed information about the client or their business.  

I build a PW site for a restaurant/bar and called the admin URL 'office'.

Another was for a friend who operates an auto mechanic shop, called his admin 'toolbox'.

  • Like 2
Link to comment
Share on other sites

Is there a best-practice around setting the admin URL? What are others of you doing with this? Is anyone setting admin URLs like /84tpt28hgs5y/ ?

I did this once because I created a whole backend area for the users, and didn't want the user to ever see the processwire admin.

But i usually just leave as it is if the client is okay with it, or like @OrganizedFellow, i change it to something appropriate. 

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...