AbanteCart Community

Shopping Cart Operations => Security => Topic started by: user88 on October 31, 2018, 02:49:44 PM

Title: Browser Console in Firefox can be used to access unique admin folder name
Post by: user88 on October 31, 2018, 02:49:44 PM
Hi,

I decided to see what "Browser Console" was in Firefox and got two warnings on my AbanteCart installation. Both warnings show up on all the pages I tested (store side - up to checkout page). No clue what they mean or why they exist, HOWEVER, when I looked more closely, I noticed that there is a request made that includes the name of my admin folder. Anyone with a little bit of knowledge about AbanteCart cart can use this to find the admin page thus defeating the purpose of having a 'changed' admin page address.

Please look at attachment. Blotted out lines are where my admin folder name is listed. The line that displays this and then causes the warning is for whatever reason a recurring one. That is the request is made every so many minutes.

Any thoughts on how to solve this would be appreciated.

Thanks.

Title: Re: Browser Console in Firefox can be used to access unique admin folder name
Post by: Basara on November 01, 2018, 02:40:33 AM
Do not allow anyone to see YOUR browser console.  ;)
If you browse admin of course your browser (firefox) will make a lot of request to "admin"
Title: Re: Browser Console in Firefox can be used to access unique admin folder name
Post by: user88 on November 01, 2018, 04:45:12 PM
Thanks, I did have the admin panel page open on a different tag. I guess that page was generating those requests.