I'm either not looking in the right places, or there just isn't a lot of information about how to secure the umbraco login. I would really rather not give people an admin authentication form to hammer away at, if possible. So, here are the two ideas I've had so far, both of which have failed.
1) Two websites. My website site sits behind various routers and firewalls. I thought that I would make two websites, both pointing at the same directory on the server where umbraco is install. One site would be able to hit /umbraco/ for administration and would only be accessible inside our network, and then the other that would be accessed by the world, from the outside, and it wouldn't have access to /umbraco/. So for that second site, in IIS, I set a virtual directory called "umbraco" that just redirected back to the root of my website. But then the rest of the site fails when I do that. Seems any reference to "/umbraco" in the code gets a reference to the virtual rather than the physical.
2) Rename "/umbraco". So first I renamed the physical folder to something else. Then in my web.config I changed the "umbracopath" app setting. I've read of various problems people have had with renaming the umbraco directory but they all seem to be with JS and images. But when I did this the site wouldn't even load. I would get
Parser Error Message: The file '/umbraco/masterpages/default.master' does not exist.
For option #1, you can set up umbraco to be load balanced, with your admin available from within your intranet and your content available to everyone else:
I have got option 2 working decently and I haven't found any problems that I haven't able to fix yet. That error message will be what is used in your template for your homepage as it will be looking for the umbraco masterpages. I had to do a search across my solution for '/umbraco'. I know there is definitely a place or two in the CSS to change the icon location.
How do you rename /umbraco
I'm either not looking in the right places, or there just isn't a lot of information about how to secure the umbraco login. I would really rather not give people an admin authentication form to hammer away at, if possible. So, here are the two ideas I've had so far, both of which have failed.
1) Two websites. My website site sits behind various routers and firewalls. I thought that I would make two websites, both pointing at the same directory on the server where umbraco is install. One site would be able to hit /umbraco/ for administration and would only be accessible inside our network, and then the other that would be accessed by the world, from the outside, and it wouldn't have access to /umbraco/. So for that second site, in IIS, I set a virtual directory called "umbraco" that just redirected back to the root of my website. But then the rest of the site fails when I do that. Seems any reference to "/umbraco" in the code gets a reference to the virtual rather than the physical.
2) Rename "/umbraco". So first I renamed the physical folder to something else. Then in my web.config I changed the "umbracopath" app setting. I've read of various problems people have had with renaming the umbraco directory but they all seem to be with JS and images. But when I did this the site wouldn't even load. I would get
Parser Error Message: The file '/umbraco/masterpages/default.master' does not exist.
For option #1, you can set up umbraco to be load balanced, with your admin available from within your intranet and your content available to everyone else:
http://our.umbraco.org/wiki/install-and-setup/installing-umbraco-for-load-balanced-environments
As far as I know option 2 does not work without issues, or at least that was true when I last tried (pre 4.5)
Rich
I have got option 2 working decently and I haven't found any problems that I haven't able to fix yet. That error message will be what is used in your template for your homepage as it will be looking for the umbraco masterpages. I had to do a search across my solution for '/umbraco'. I know there is definitely a place or two in the CSS to change the icon location.
You culd use url rewriting to allow for the use of /admin instead of /umbraco... This can be done in umbraco.
Also on IIS server using url redirection.
is working on a reply...