basilicom-pimcore-plugin / protected-admin
A Pimcore plugin that requires a basic auth challenge prior to granting access to the admin backend.
Installs: 13
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 3
Forks: 0
Open Issues: 0
Type:pimcore-plugin
Requires
- php: >=5.6.0
- pimcore/installer-plugin: >=1
This package is auto-updated.
Last update: 2024-11-09 22:34:13 UTC
README
Developer info: Pimcore at basilicom
Synopsis
This Pimcore http://www.pimcore.org plugin requires http basic authentication prior to granting admin access. Username and password can be set via Website Settings.
Code Example / Method of Operation
After installing the plugin there are new website settings available (under Settings > Website): protectedAdminUser, protectedAdminPassword. Set them accordingly.
Motivation
Even though Pimcore comes with great security it still makes sense to prevent access to admin through the main domain, especially to any bots, script kiddies, etc.
Installation
Add "basilicom-pimcore/protected-admin" as a requirement to the composer.json in the toplevel directory of your Pimcore installation. Then enable and install the plugin in Pimcore Extension Manager (under Extras > Extensions)
Example:
{
"require": {
"basilicom-pimcore-plugin/protected-admin": ">=1.0.0"
}
}
Troubleshooting
In case you lose access to the admin area due to misconfiguration you have two options:
- disable plugin by editing /website/var/config/extensions.xml (change the value to 0 or delete the whole line)
- remove the Website Settings by deleting the corresponding keys (protectedAdmin*)
Contributors
- Igor Benko igor.benko@basilicom.de
- Christoph Luehr christoph.luehr@basilicom.de
License
- GNU General Public License version 3 (GPLv3)