![]() BackOfficer Friendly can interact with the hackers, pretending to be a Back Orifice server or server for other types of requests. On your front end website, deploy your site minus the umbraco folder, or delete the umbraco folder if already deployed, and then add the following rule to the Web. BackOfficer Friendly gives the attacker false answers that look like they came from Back Orifice, while logging the attackers IP address and the operations they attempted to perform. ![]() Once you have the backoffice site deployed and running, login to your Umbraco backoffice, and set the site hostname, you can do this by right clicking the root node for your site, then choosing Culture and Hostnames, then enter your domain(s) into the box(es) and click Save. On my website I have gone as far as to completely remove the /umbraco folder, this with a simple IIS rewrite rule is all it takes to remove the backoffice, and return a 404 error on the front end server, when trying to access it.įirstly you will need to deploy the whole site including the Umbraco folder to a second hosting environment, this will serve as your backoffice, this can be secured behind some authentication system, such as Basic Authentication, for further protection. ![]() ![]() It may seem a pretty daunting thing to do, to relocate the whole Umbraco backoffice, however it's actually really simple. Being able to relocate the Umbraco backoffice to a subdomain can useful for both increased security and to simplify things for editors. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |