Backend Protection does not work

I have backend protection set by adding a "key" after https:/www.virusys.com/administrator/? in .htaccess protection section.

I can still access the backend via the regular url.

Scott

Hi Scott,

Is the mod_rewrite enabled in the server? If so be fully sure there is no other .htacess into the administrator folder.

Regards,
Jose

Hi Jose,

I had the same experience few days ago. I'm using PLESK, and the provider had changed the server environment to NGINX, so .htaccess protection is not working anymore. I can login the Administrator area on the normal URL. Is it possible use SecurityCheck on NGINX?

Regards,
Boldi

Hi Boldi,

Backend protection should also work on nginx. If the .htacess was created before your hosting provider changed the environment then delete the .htacess (there is a button to do it into . htacess protection option of Securitycheck Pro) and then click on the 'Apply' button to generate a new one.

Please, tell me if that works.

Regards,
Jose

Hi Jose,
When I click on the button, it says I need to add the new rules to NGINX server by hand. And There is a red warning message at the top of the page, that I'm running on NGINX and it's not compatible with .htaccess files. I have SCP version 3.2.2. Is that the problem?
BR,
Boldi

Hi Boldi,

Some rules are not available in nginx but backend protection should work. I need some time to do some tests and I will be back to you. In the meantime you can protect the backend using an .htpasswd file.

Regards,
Jose