Wednesday 17 August 2011

How to disable / remove Secret Key from Admin URL in Magento?


A new secret key is created every time you log in to Magento Admin, so each admin login session has its own unique key (32 chars long). This key is appended to the admin URL as http://your-admin-url/key/743c37b1…adf6588/


The key is added for security reasons. In their release notes, Magento say that they added the secret key to the URL for CSRF (Cross-site request forgery) attack prevention.


Sometimes you may want to access the admin URL without the secret key. For this, you can disable the secret key in the admin URL.

Here is how you do it:

- Log in to admin
- Go to System -> Configuration -> ADVANCED -> Admin -> Security -> Add Secret Key to URLs
- Select No
- Save Config

You are done. You will not see the secret key in the admin URL from now on.
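
What the Add Secret Key to URLs setting changes, as an added example that is not part of the original post and not Magento's code: a simplified Python model of a per-session URL key and the check it enables. The function names, the sample route and the HMAC-SHA256 derivation are assumptions made for illustration only.

```python
import hashlib
import hmac
import secrets


def new_session_secret() -> str:
    """Random per-login secret that stays server-side in the admin session."""
    return secrets.token_hex(16)


def url_key(session_secret: str, route: str) -> str:
    """32-hex-char key bound to one session and one admin route.
    Assumption: HMAC-SHA256 truncated to 32 chars, chosen for this model only."""
    mac = hmac.new(session_secret.encode(), route.strip("/").encode(), hashlib.sha256)
    return mac.hexdigest()[:32]


def admin_path(route: str, session_secret: str, use_key: bool) -> str:
    """Build the admin path, appending /key/<key>/ when the setting is Yes."""
    path = route.strip("/") + "/"
    if use_key:
        path += "key/" + url_key(session_secret, route) + "/"
    return path


def request_allowed(path: str, session_secret: str, use_key: bool) -> bool:
    """Check an already-authenticated admin request against the URL key."""
    if not use_key:
        return True  # setting is No: the session cookie alone authorises any URL
    parts = [p for p in path.split("/") if p]
    if len(parts) < 3 or parts[-2] != "key":
        return False  # a predictable URL with no key is rejected
    expected = url_key(session_secret, "/".join(parts[:-2]))
    return hmac.compare_digest(parts[-1].encode(), expected.encode())


if __name__ == "__main__":
    secret = new_session_secret()
    route = "admin/catalog_product/delete/id/5"  # constructed sample route
    keyed = admin_path(route, secret, use_key=True)
    print(keyed)
    print("own session, key on      :", request_allowed(keyed, secret, True))
    print("other session's key      :", request_allowed(keyed, new_session_secret(), True))
    print("no key in URL, key on    :", request_allowed(route + "/", secret, True))
    print("no key in URL, key off   :", request_allowed(route + "/", secret, False))
```

With the setting on, a request is honoured only if its URL carries the key for the current session; with it off, any well-formed admin URL is accepted on the strength of the session cookie, which is the CSRF exposure the key was added to close.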

Hope this helps.
