tags:

views:

81

answers:

4
Q: 

Drupal Administer

How to rename drupal's admin directory as I already have a directory named "admin"?

+3  A: 

you can't. simply because admin directory doesn't exist. it's just a url path (defined in all modules that have got a reference of it in hook_menu)

The only solution I have right now is to implements hook_menu_alter and redirect all menus that starts with admin/ somewhere else, but I can't say that it will work 100%.

Bladedu  2010-10-19 11:27:44
+5  A: 

As Bleadedu pointed out, Drupal has no "directories" in its URL.

The urls you see are all so called "clean urls", achieved with a nifty trick in Apache (the webserver) configuration. You could disable clean urls that will fix your problem, but may not be an option, if you rely on this feature for some reason.

Another option is to use path module to circumvent this issue. This has downsides too, most notably, the fact you need to manually change each url with admin in it.

The last option is to change the rewrite rules in Apache. This is hard to achieve and requires some knowledge of mod_rewrite.

berkes  2010-10-19 12:03:42
Not really exact information - most of the 'admin' URLs are *not* clean URLs, but the actual, internal Drupal paths (defined in 'hook_menu' implementations, as Bladedu stated). So disabling clean URLs will *not* fix the problems, as most of the 'admin/...' URLs will stay the same nonetheless.
Henrik Opel  2010-10-19 20:20:55
Henrik, I think you're mixing up path aliases and clean url's. Disabling clean url's, as berkes suggests, only means that the `?q=` will appear in the url. I think that would work because it allows the server to make a difference between example.com/admin (the directory) and example.com/?q=admin (the drupal page).
marcvangend  2010-10-19 20:28:23
As marcvangend points out: disabling clean urls will bring back the ?q=admin urls. Apache will then no longer mix up /admin (a directory) and ?q=admin (a parameter on the URL)
berkes  2010-10-20 12:59:39
A: 

Instead of changing the path of /admin, you should beef up security elsewhere.

First, finding out your site uses Drupal is a piece of cake.
Huge companies use Drupal, and don't change their /admin path.

Don't use User 1. Most of the time, there is no need for anyone to be using User 1. Even the highest of admins should be given a role, and certain permissions. User 1 should have a complicated long password, changed every (x) number of days or hours, but never actually used. I think there is also a module for this, but I can't remember off the top of my head because I just do this programmatically.

logintoboggan.module The Login Toboggan module will display the login form for Access denied pages

login_security.module

protect_critical_users.module

userprotect.module

session_limit.module

nodeaccess.module

Don't let direct access to update.php and cron.php. Create a cronjob to run via shell. -have them direct to forbidden/or a 404 with a search page

Use the tools in cpanel/whm or similar. Knock out bad login attempts and such.

There are a ton of other ways to beef up security in drupal.

picxelplay  2010-10-20 09:16:35
Has some good information on how to secure Drupal, but is really offtopic. Question is how to avoid collisions of /admin (Drupal urls) with a directory /admin, tat may be added by some server-system.
berkes  2010-10-20 13:01:14
A: 

I somehow forgot that you said "as I already have a directory named "admin". opps.

I think you would be wise to either alter that other directly instead, put it inside of another directory, or simply don't use it.

It is just going to be very messy. You would have to look into every single module to see if it needs adjusting.

Off the top of my head, the user.module will need to be altered, and also take a look at http://api.drupal.org/api/search/6/url_rewrite.

custom_url_rewrite_outbound and custom_url_rewrite_inbound will work, BUT you will still be able to access /admin by typing it in manually. You will get a forbidden if you stick a "admin" folder in your root.

All in all, I think it would be a messy venture, and you might get a lot of broken updates. Until something like this is offered in core, I wouldn't do it. Even if there was a module that could, I wouldn't use it.

*You will have to "Hack Core," and I don't think this justifies hacking the core.

picxelplay  2010-10-20 17:45:40

related questions

Batch node operations in Drupal 5
How do you make php's json_decode compatible with firefox's javascript?
Drupal CSS URL Problem
Is it possible to deploy an already built Drupal site?
php Access violation
Creating an online catalogue using Drupal, what are the best modules/techniques?
How do I upgrade from Drupal 5 to 6?
How does AOP work in Drupal?
Any quirks I should be aware of in Drupal's XML-RPC and BlogAPI implementations?
What is the simplest way to handle images in Drupal?
How can I change some of Drupal's default menu strings without hacking the core files or using the String Override plugin?
Why is my Drupal site logging out users when a Javascript function is called?
How do I add a "last" class on the last <li> within a Views-generated list?
How do I determine if I should install Drupal 5.x or 6.x?
Missing label on Drupal 5 CCK single on/off checkbox
learning drupal fast track: how to create a stackoverflow clone?
How do you remove the default title and body fields in a CCK generated Drupal content-type?
How do I create a node from a cron job in drupal?
How to quickly theme a view?
Where is the best place to get Drupal & Sugar CRM developers?
How to get rid of Javascript Runtime Errors when running PDT + XDebug in Eclipse?
What makes Drupal better/different from Joomla
Include CSS or Javascript file for specific node in Drupal 6
What version of TinyMCE will work in Drupal 5 with google chrome?
How can I change the way my Drupal theme displays the front page