The Joomla CMS Platform has an /administratotr/ folder which cannot be renamed. I'd like to secure it by requiring a custom url parameter to access it – I.E. /administrator/index.php?token=1149785380. After accessing this url, an html session cookie should be used to allow access for the duration of their browser session. Any thoughts what could be wrong with my code?
## /administrator/.htaccess
## Begin Admin Folder Security
RewriteEngine On
# if the url token is present, set the cookie
RewriteCond %{QUERY_STRING} ^token=1149785380$
RewriteRule ^ - [CO=jtywrxsoiq:8360937614:%{HTTP_HOST},L]
# if the cookie is not present, invoke the root directory
RewriteCond %{HTTP_COOKIE} !jtywrxsoiq=8360937614
RewriteRule (.*) ../
## End Admin Folder Security
Best Answer
Well it seems that cookies weren't working on my WAMP localhost installation. I don't know why but it works on the server.
I've changed the last rewrite rule to: