I am looking for some advice/best practice about how to lock down access on our live webservers.
We dont want anyone to be able to access or even see the admin login page.
Obviously if we did need access we could re-enable it, and we have also thought about only allowing the access from @localhost@.There seem to be a number of URLs that get to the login page (../admin, ../administration, ../CMSPages/logon.aspx, etc), and I would like to know if anyone out there has recommendations for how to do this reliably and robustly?Thanks
↧