When you install Zen Cart manually from the official .zip file, the Admin folder is named as /admin/ and when you install Zen Cart from auto-install applications like Fantastico the Admin folder is often named /zc_admin/.
For security, in ALL Zen Cart installations you should rename the admin folder to something more obscure
While access to the Zen Cart admin area is protected by a log-in using a username and password, it is recommended for additional security that you rename your admin directory after installation. 99% of the break-ins and website hacks I've dealt with were by sql injection attacks, and exploiting the lost password function on the admin login page. By 'hiding' the admin folder it will be significantly harder for hackers to locate your admin area and attempt to hack your site.
By default, the latest version 1.39 of Zen Cart won't allow you to access the admin area till you have changed the name of the folder, so you need to follow these instructions to change the folder name and modify the relevant entries in the configuration files.
(Before making the following changes, make sure to have a current backup of your files and your database.)
You're going to do three steps:
- Step A) edit the configure.php settings and upload them,
- Step B) rename the admin folder,
- Step C) test login to the new folder.
The required Steps are detailed below:
Using a simple text editor like notepad (or better still, download and use a free text editor like Notepad++ ), change all instances of admin to your chosen new admin folder-name.
For maximum security, you may want to consider that new folder name should include numbers and a combination of upper and lower case letters. The longer you make this folder's name the more secure it will be.
When editing, make sure you leave all the
/ (slashes) alone.
Change ONLY THE WORD admin, in 3 places, AS SHOWN HERE:
Change this section:
You will end up with something that looks like this:
And change this section:
Now, you must upload the changes back to the server, using your FTP program.
IMPORTANT NOTE:Your configure.php file should be set as Read-Only for normal use. So, you'll need to make it Writable before you'll be able to upload/save your changes to the file. (In *some* cases, your server might require you to DELETE the file from your server before you can upload the edited version to replace it.)
Be sure to make it Read-Only again when finished. Often you can right-click the file in your FTP program and change the permissions settings there.
Using your FTP software or your webhost's File Manager, find your Zen Cart™ /admin/ directory. Rename the directory to match the settings you just made in step A.
To login to your admin system you will now have to visit a new URL that matches the new name used in steps A and B above.
For example instead of visiting http://www.youronlinestore.com/admin/ visit http://www.youronlinestore.com/NeW_NamE4u/