Tim,
I take it you are trying to obfuscate the backend url to prevent un authorised access? A better option would be to in iis restrict allowed ips to the umbraco directory.
Yes, our aim is to secure the back office as much as possible. We already have an SSL cert set up for the back office but I also wanted to add extra protection.
IP restriction is something I had not considered. Are there any other best practices for securing umbraco?
There is one more way but you would need to purchase courier. So you would have your editor instance of umbraco behind your fire wall and a live instance of the site outside your firewall. Joe public hits the site outside your firewall, this site has umbraco directory but everything save a couple of files are removed (cant remember exact list think webservices etc) basically you cannot log into the live site to edit content.
On the editor instance you make your content changes then courier those to live.
Here at Stein IAS we make use of ip restrictions so only people on our vpn can hit the backend.
Problems changing back office url v6.1.6
Hi,
I am trying to change the url used to access the ~/umbraco/ back office but just get errors instead.
From what i have read online all i need to do is change the umbracoPath value in the webconfig and update umbracoReservedPaths value.
When I try this I either get a 404 or
"Directory '[New umbraco Path]\config\lang' does not exist. Failed to start monitoring file"
Am I missing another config setting?
Cheers, Tim.
Tim, I take it you are trying to obfuscate the backend url to prevent un authorised access? A better option would be to in iis restrict allowed ips to the umbraco directory.
Regards
Ismail
Hi Ismail,
Thanks for the quick response.
Yes, our aim is to secure the back office as much as possible. We already have an SSL cert set up for the back office but I also wanted to add extra protection.
IP restriction is something I had not considered. Are there any other best practices for securing umbraco?
Thanks, Tim.
Tim.,
There is one more way but you would need to purchase courier. So you would have your editor instance of umbraco behind your fire wall and a live instance of the site outside your firewall. Joe public hits the site outside your firewall, this site has umbraco directory but everything save a couple of files are removed (cant remember exact list think webservices etc) basically you cannot log into the live site to edit content.
On the editor instance you make your content changes then courier those to live.
Here at Stein IAS we make use of ip restrictions so only people on our vpn can hit the backend.
Regards
Ismail
Hi Ismail,
Yes we are planning on using courier for our content replication. I will look into setting up our live environment to act like your suggestion.
Thanks,
Tim.
is working on a reply...