Restricting and disabling admin access
By default, admin can log into Aurora Files interface using superadmin login and empty password. Upon logging in, it's possible to change admin password, as well as admin login username if necessary. Admin credentials can be reset as shown here.
If you wish to restrict admin access so that it can only be available from one or several IP addresses, that's done by editing
data/settings/modules/AdminAuth.config.json configuration file:
AdminAuth.config.json file is missing under
data/settings/modules directory, be sure to click "Update configuration" button in Database Settings screen of admin interface.
You can supply the list of IP addresses under SuperadminWhitelistIp parameter, for example:
and if the array is empty, that means all the restrictions are lifted.
If you need to disable admin access entirely, you can set Disabled to true in
data/settings/modules/AdminAuth.config.json file. You'll still be able to edit configuration files directly, of course, this is only about blocking Aurora Files admin access via web.
The same effect can be achieved by setting AdminLogin to an empty string in main in
data/settings/config.json configuration file.