Securing the /admin/ folder in OpenCart

Since OpenCart is open source it can be a target for hackers since they already know the basic file structure and how the core code works. One of the easiest methods of securing your OpenCart dashboard is to rename the /admin/ folder.  This will 'hide' the folder from scripts and hackers specifically looking for the 'admin' folder of OpenCart. Follow the steps below to change the /admin/ folder's name. Don’t forget that once you do this, you’ll need to use the new path to access your admin dashboard.

1. Log into cPanel
2. Click on File Manager
3. Use file manager to navigate to the folder containing the “admin” folder
4. Right click on the “admin” folder and select “rename”
5. Type in your new name for the “admin” folder (you can change it to whatever you want but the more obscure the name the better such as “ADMIN889723”)
6. Now, open the /admin/config.php with the code editor (Remember, you changed the name of the folder. Replace 'admin' with the new folder name).

   Important! There are several instances of "admin" throughout the config file. All instances must be changed for this to work.

   Below in Red is the instances of admin you will need to change.

   // HTTP
   define('HTTP_SERVER', 'http://test.domain.com/opencart/admin/');
   define('HTTP_CATALOG', 'http://test.domain.com/opencart/');
   
   // HTTPS
   define('HTTPS_SERVER', 'http://test.domain.com/opencart/admin/');
   define('HTTPS_CATALOG', '>http://test.domain.com/opencart/');
   
   // DIR
   define('DIR_APPLICATION', '/home/userna5/public_html/opencart/admin/');
   define('DIR_SYSTEM', '/home/userna5/public_html/opencart/system/');
   define('DIR_DATABASE', '/home/userna5/public_html/opencart/system/database/');
   define('DIR_LANGUAGE', '/home/userna5/public_html/opencart/admin/language/');
   define('DIR_TEMPLATE', '/home/userna5/public_html/opencart/admin/view/template/');
   define('DIR_CONFIG', '/home/userna5/public_html/opencart/system/config/');
   define('DIR_IMAGE', '/home/userna5/public_html/opencart/image/');
   define('DIR_CACHE', '/home/userna5/public_html/opencart/system/cache/');
   define('DIR_DOWNLOAD', '/home/userna5/public_html/opencart/download/');
   define('DIR_LOGS', '/home/userna5/public_html/opencart/system/logs/');
   define('DIR_CATALOG', '/home/userna5/public_html/opencart/catalog/');
   
   // DB
   define('DB_DRIVER', 'mysql');
   define('DB_HOSTNAME', 'localhost');
   define('DB_USERNAME', 'userna5_ocar341');
   define('DB_PASSWORD', 'password');
   define('DB_DATABASE', 'userna5_ocar341');
   define('DB_PREFIX', 'oc_');

7. There should be 5 instances referencing the /admin/ folder that would need to be updated to the new name you changed the folder to

You can also add another layer of protection to the dashboard by password protecting the /admin/ folder. You can do this by following the tutorial on password protecting directories.

If you need further assistance please feel free to ask a question on our support center website.

InMotion is Here to Help

With a dedicated server, you can easily manage your OpenCart application through SSH. This means fast access to your files from any location where you have online access. Also, you get the support  you need. Have questions with OpenCart? We have a education channel for that too. Check out our dedicated server review for more information about how we are here to help.

Looking for a host for your OpenCart installation? Go to OpenCart Hosting Accounts with Inmotion Hosting for more information.