What Is An Undeletable Administrator?
An undeletable administrator is just what it sounds like. Its an administrator account that cannot be altered, changed or deleted from the website by anyone, even another administrator in the ACP.
Reasons For An Undeletable Admin Account:
- Improved forum security. If your forum should be compromised in some way like a hack attempt the undeletable admin account will allow you to regain control.
- A back up admin account. If anything should happen to your regular admin account having an undeletable admin account will allow you access to your site.
- Hostile administration takeover. Yes this sounds a little silly for a website but for those who have had this happen its no laughing matter. Without this insurance its possible for someone to gain access to your administrator account and take over the site stealing files, clients, customers, members and/or the database.
How Do I Setup An Undeletable Admin?
Setting up an account to protect your website is really quite easy just follow the guide below.
- Login to your AdminCP and go to Users > Add New User and add the desired profile information inclluding username & password to create a new user. Make sure that you choose Administrator in the “Primary Usergroup” drop down. Keep in mind the user ID number of this account before saving it, you will need it for future steps.
- Go to Usergroups > Administrator Permissions. Edit the permissions of the account you just created. Be sure to tick “yes” for everything so that in the event your regular account is compromised you have full access until you can restore your regular account within the website.
- Now login to your website via FTP and download your config.php file. After logging in via FTP just navigate to your “includes” directory inside the folder where you store your forums to find the file. You will need to have a HTML editor to edit this file. You can use Notebook, Dreamweaver, or some other HTML editor. DO NOT use MS Word to edit this file. Copy the file and save it to another area on your hard drive just in case as a backup. For information on using a FTP to upload & download files check our FTP Tutorial.
Editing The File
- Open the config.php file in your HTML editor and find:
$config[‘SpecialUsers’][‘undeletableusers’] = ”;
…and add the admin account ID number between the ”. If your ID number was 213 then your code would look like this after edited:
$config[‘SpecialUsers’][‘undeletableusers’] = ‘213’;
- Make sure that you also put the administrator ID on USERS WITH ADMIN LOG VIEWING PERMISSIONS, USERS WITH ADMIN LOG PRUNING PERMISSIONS, USERS WITH QUERY RUNNING PERMISSIONS & SUPER ADMINISTRATORS. This will ensure that you have full site permissions in the event of a problem.
- Save the file and upload it to the proper place inside the includes directory.
Wrapping It Up
You should have a undeletable admin now set up. To check and see if it works, try to change the admin account you just created either in the ACP or logged into the site using the account. You should get an error message that states the account cannot be altered.