A good (and highly recommended) security measure is to change the location of your admin directory. Essentially if a hacker was to obtain access to your admin area the amount of damage that can be done is huge with WHMCS containing all your customers’ details, servers’ details among other things.
Step 1: Rename your admin directory
- Login your cPanel control panel
- Navigate to “File Manager”
- Open up your WHMCS directory and rename your admin directory to something else (This can be anything you want)
Step 2: Telling WHMCS of the new admin directory
- While still in your file manager & in the WHMCS directory open up “Configuration.php”
- BEFORE the last ?> add:$customadminpath = “admin”;So the last 4 lines will look like this:$templates_compiledir = ‘templates_c/’;
$mysql_charset = ‘utf8’;
$customadminpath = “admin“;
- Replace admin with whatever you renamed your admin directory to in step 1 (This MUST be exact & IS case sensitive)
- Save & close configuration.php
Step 3: Updating cron job
- While in your cPanel control panel scroll down until you find “Cron Jobs”
- Locate the relevant cron job for WHMCS and click the “Edit” button
- Replace the “admin” directory” with whatever it is you put in step 1 and 2 (Again this MUST be exact & IS case sensitive)
You should now be able to access your WHMCS admin area from the new URL without any problems. You could also take this a step further and provide a fake admin area in the usual /admin directory, this way you can see which IPs are trying to force their way into your admin area when they shouldn’t be.
Looking for quality web hosting? Look no further than Arvixe Web Hosting!