search

wri / wri_sites

WRI profile
2 stars 2 forks source link

Platform: Rename Admin Paths #271

Open StudioZut opened 1 month ago

StudioZut commented 1 month ago

Assess renaming the login/admin path for platform sites. Suggested module: https://www.drupal.org/project/rename_admin_paths

mariacha commented 3 weeks ago

This module seems lightweight enough. The /user/register page is already not available to anonymous users, but the /user/login page and the password reset are, so having those moved somewhere else makes sense.

It doesn't look like bots are trying to scan admin pages, plus those are firmly locked down, so for round 1 I'd recommend leaving those as-is (plus I think there may be headaches associated with altering them). Once the module is installed, it's easy enough to add more routes to it in the admin area, and we can re-assess.

mariacha commented 3 weeks ago

Ok, this is up and ready for review/discussion at https://pr-1189-wriflagship.pantheonsite.io

I've changed the /user paths to be /wri-user instead. This is configurable here: https://pr-1189-wriflagship.pantheonsite.io/admin/config/system/rename-admin-paths

This change will affect not only the url for the login (which will now be /wri-user/login) and the password reset (/wri-user/password) but will also change the user paths when you're logged in. See https://pr-1189-wriflagship.pantheonsite.io/admin/people.

Therefore, rolling out this change will mean letting all the users who currently log in at /user/login on Flagship and the IOs know that the login url has changed. I hesitate to put that information anywhere on the /user error pages themselves (right now they 404) or do a redirect because it could allow bots to find the new login page.

I didn't change the /admin path for now.

Let's discuss what the rollout plan for this could look like.

monicapatel21 commented 2 weeks ago

No blocker to deploying the module - because WRI admins can enable after notifying editors.

mariacha commented 2 weeks ago

Note: We will just enable this per-site, not set the value and let the WRI team do it.

mariacha commented 2 weeks ago

This is enabled on Develop, but no paths are overwritten: https://develop-wriflagship.pantheonsite.io/admin/config/system/rename-admin-paths

shannon-paton commented 1 week ago

looks good @mariacha