View Full Version : How do I rename my Admin folder of Zen Cart site to prevent unauthorized access?

AP admin
07-30-2010, 08:31 PM
As access to your admin area is protected by the requirement of your admin password, it is always recommended for additional security that you rename your admin directory after installation. This will make it harder for hackers to find the admin area or attempt any attack on breaking into it.
Before making the following changes, make sure to take a current backup of your files and your database.

You're going to do three steps: A) edit the configure.php settings and upload them, B) rename the admin folder, C) test login to the new folder.
Details are below:


A - Edit /admin/includes/configure.php

Using your FTP program, download a copy of your /admin/includes/configure.php file to your computer.
Using a simple text editor like notepad (or better yet, use Notepad++ or TextWrangler), change all instances of admin to your chosen new admin folder-name.

For maximum security, you are suggested to consider that new folder name should include numbers and a combination of upper and lower case letters. The longer you make this folder's name the more secure it will be.

When editing, make sure you leave all the / (slashes) alone.

Change this section:

define('DIR_WS_ADMIN', '/admin/');
define('DIR_WS_CATALOG', '/');
define('DIR_WS_HTTPS_ADMIN', '/admin/');
define('DIR_WS_HTTPS_CATALOG', '/');

And this section:

define('DIR_FS_ADMIN', '/home/mystore.com/www/public/admin/');
define('DIR_FS_CATALOG', '/home/mystore.com/www/public/');

You will end up with something that looks like this:

define('DIR_WS_ADMIN', '/mysecretadminarea/');
define('DIR_WS_CATALOG', '/');
define('DIR_WS_HTTPS_ADMIN', '/mysecretadminarea/');
define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_FS_ADMIN', '/home/domain.com/www/public/mysecretadminarea/');
define('DIR_FS_CATALOG', '/home/domain.com/www/public/');

Now, you must upload the changes back to the server, using your FTP program.
B - Rename the Admin folder

Using your FTP software or your webhost's File Manager, find your Zen Cart™ /admin/ directory. Rename the directory to match the settings you just made in step A.
C - Login to your admin using the new URL

To login to your admin system you will now have to visit a new URL that matches the new name used in steps A and B above.

For example instead of visiting http://www.example.com/admin/ visit http://www.example.com/NeW_NamE4u/

Use of SSL is highly recommended to protect your and your customers information.