joomla1.6

How to protect the Joomla administrator folder?


index.php

$admin_cookie_code="1234567890";
setcookie("JoomlaAdminSession",$admin_cookie_code,0,"/");
header("Location: /administrator/index.php");

.htaccess file

RewriteEngine On
RewriteCond %{REQUEST_URI} ^/administrator
RewriteCond %{HTTP_COOKIE} !JoomlaAdminSession=1234567890
RewriteRule .* - [L,F]

I used this code but it's not working... the page will be redirected to administrator, but www.domain.com/administrator is also accessible.


Solution

  • I got tired of searching for an answer to this one and just wrote some PHP code that will redirect if the visitor gets into the /administration folder without the security key or as a registered user:

    Just place this code at the end of the index.php file in your administration folder (/administration/index.php), before the 'echo' instruction:

    /* Block access to administrator
     --------------------------------------------- */
    $user = JFactory::getUser();
    $secretkey = 'mysecretkey';
    $redirectto = 'location: yourdomainurlhere';
    $usertype = 'Registered';
    
    //Check if the user is not logged in or if is not a super user:
    if ($user->guest || (!$user->guest && $user->usertype != $usertype) ) {
     //Check if the secret key is present on the url:
     if (!isset($_GET['access']) || $_GET['access'] !== $secretkey) {
      header($redirectto);
      exit; // stop here, otherwise the rest of the page is still sent along with the redirect
     }
    }
    /* --------------------------------------------- */
    

    Afterwards, you will only be able to access your site using: mysite.com/administrator/?access=mysecretkey

    Tested on Joomla 1.5 and Joomla 2.5; worked well for both.

    I explain it a little bit more on my page: https://www.infoeplus.com/protect-your-joomla-administrator-folder/
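
A hardened form of the gate discussed above, as an added example that is not code from the question or the answer: the URL key is compared in constant time, exchanged once for an HttpOnly cookie so it does not stay in the address bar, and every rejected request ends with `exit`. The names `ADMIN_GATE_SECRET`, `admin_gate_token()` and `admin_gate_allows()` are hypothetical; it assumes PHP 5.6+, HTTPS, and that the file is included at the very top of administrator/index.php.

```php
<?php
// Added example, not code from the question or the answer. Needs PHP 5.6+ (hash_equals).
// Hypothetical names: ADMIN_GATE_SECRET, admin_gate_token(), admin_gate_allows().
define('ADMIN_GATE_SECRET', 'replace-with-a-long-random-value'); // constructed placeholder
define('ADMIN_GATE_COOKIE', 'JoomlaAdminSession');               // cookie name from the question

// The cookie carries an HMAC derived from the secret, never the secret itself.
function admin_gate_token($secret)
{
    return hash_hmac('sha256', 'admin-gate-v1', $secret);
}

// Returns 'key' if the URL key matched, 'cookie' if the gate cookie matched, else null.
function admin_gate_allows(array $get, array $cookie, $secret)
{
    $key = isset($get['access']) ? $get['access'] : '';
    // ?access[]=x arrives as an array; any non-string value fails the check.
    if (is_string($key) && hash_equals($secret, $key)) {
        return 'key';
    }
    $tok = isset($cookie[ADMIN_GATE_COOKIE]) ? $cookie[ADMIN_GATE_COOKIE] : '';
    if (is_string($tok) && hash_equals(admin_gate_token($secret), $tok)) {
        return 'cookie';
    }
    return null;
}

$via = admin_gate_allows($_GET, $_COOKIE, ADMIN_GATE_SECRET);
if ($via === null) {
    http_response_code(403);
    exit; // nothing of the administrator page is rendered for a rejected request
}
if ($via === 'key') {
    // Session cookie, limited to /administrator, Secure and HttpOnly (assumes HTTPS).
    setcookie(ADMIN_GATE_COOKIE, admin_gate_token(ADMIN_GATE_SECRET), 0,
              '/administrator', '', true, true);
    // Redirect once so the key drops out of the address bar.
    header('Location: /administrator/index.php');
    exit;
}
// $via === 'cookie': execution continues into the rest of administrator/index.php.
```

The key still appears in access logs and browser history on the first request, so this is an obscurity layer in front of the normal Joomla login, not a replacement for it.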