SEO & Social Media Canterbury Kent – Amby Marketing

How To Secure Your OpenCart Admin Folder Using Htaccess

Aug062015

If you run an OpenCart ecommerce website, you will want to protect your /admin/ folder to prevent unauthorised access.

One simple way to achieve this is to lock the admin folder down by ip address or range of ip addresses.

To do this, create a fresh bare bones .htaccess file and place the following code in it.


RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_ADDR} !^99\.55\.66\.78
RewriteRule .* http://www.yourwebsiteaddress.com [R=301,L]

Note that you will need to enter your own ip address in place of the one above. Also make sure to use the correct regular expression format of \. before each ip address octet.

If you don’t use a static ip address to connect to the internet, you can use wildcards so that you allow a range. For example


RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_ADDR} !^99\.
RewriteCond %{REMOTE_ADDR} !^88\.
RewriteRule .* http://www.yourwebsiteaddress.com [R=301,L]

So if you know that you are usually assigned an ip address in the range of say 99.*.*.* you can allow only that range.

The final line in the code redirects the unauthorised user to an address of your choosing. You may want to set this to your main website URL or you could send them to the very dark corners of the web…..

This will in effect block 99.9% of users being able to access your Opencart admin folder.

Remember to add the new .htaccess file into the admin folder and NOT into the root top level folder!

If you do that, you and a few others will be the only ones who will be able to access your site.

You can follow any responses to this entry through the RSS feed. You can leave a response, or trackback from your own site.

Tagged , , , ,

Leave a Reply