Learn about Centmin Mod LEMP Stack today
Register Now

How to adjust all admin pages to use same creds?

Discussion in 'Centmin Mod Insights' started by jeffwidman, May 18, 2015.

  1. jeffwidman

    jeffwidman Active Member

    152
    27
    28
    Dec 3, 2014
    Ratings:
    +51
    Local Time:
    7:37 PM
    It's a bit of a pain to log into the various admin status pages:
    - zend opcache
    - memcache
    - php-fpm
    - nginx pagespeed # I did see the note about needing to be IP-protected

    I'm thinking about making life a little easier on myself, as I only just now noticed my opcache was running out of space and I want it to be easy for me to check these pages so I notice sooner next time...

    Had a few questions:


    1) if I want to make them all have the same username/passwords, will this create problems when upgrading nginx or php? Thinking about making a /usr/local/nginx/html/admin.html page that links to the different status pages, and if they all have the same creds, then once I'm in and the cookie is set I can access them all no problem.

    2) Where is the nginx conf file that locks down the memcache_xxx.php file? I grepped but wasn't finding it.

    3) Any reason to not move them to /memcache.php /opcache.php etc? They'll have strong enough passwords, and I'll probably turn on IP-based protection, wasn't sure if there was another security risk I was unaware of with easily guessable paths, or if modifying these paths will create conflicts when upgrading nginx/php.
     
  2. eva2000

    eva2000 Administrator Staff Member

    53,507
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:37 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    fyi, if you bookmark urls as the following format, you auto input the user/pass without needing to enter it

    Code:
    http://username:password@ipaddress/protectedarea/
    this allows separate user/pass and never having to enter the user/pass ;)

    2) memcached password is set inside memcached.php file itself there's variables for user/pass
     
  3. jeffwidman

    jeffwidman Active Member

    152
    27
    28
    Dec 3, 2014
    Ratings:
    +51
    Local Time:
    7:37 PM
    I never bookmark anything honestly. Plus all my passwords are in Lastpass, I like to keep them there and not worry about keeping updated other places as well.

    Any hints on where the memcache_xx.php file gets locked down?
     
  4. eva2000

    eva2000 Administrator Staff Member

    53,507
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:37 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    2) memcached password is set inside memcached.php file itself there's variables for user/pass
     
  5. eva2000

    eva2000 Administrator Staff Member

    53,507
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:37 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    hmmm wonder if i can move all the stats admin pages under directory link /adminstats with password protection on that so any stats/admin files located there will be password protected under one password