How to Password Protect Your WordPress Admin (wp-admin) Directory


How to Password Protect WordPress Admin (wp-admin) URL
Faustina Sadler

Now use following command to create first user in .htpasswd. cPanel users can can use their dashboard to generate this file. If you don’t have shell access, you can use online htpasswd generator it and put on your server.

How to password protect your wordpress admin directory (wp-admin)
Inez Ross

Each and every wordpress users know the login page that is www.yourwpsite.com/wp-admin. First thing hackers try on these wordpress site is to access your site through wp-login page. If you need some extra security for your site why don’t you add an additional authentication to your login page? How to password protect your wordpress admin directory? Adding additional authentication to your login page is easy. Just follow the steps carefully in this article.

How To Password Protect Your WP Admin Folder in WordPress
Elvira Abbott

Protecting a folder will protect all folders within that folder. Also, you will need to create users who can access the protected directory. You can give the password protected directory any name, no matter what the actual directory is called.

How to Password Protect Your WP-Admin Directory
Deborah May

The Internet is an amazing place, but it is not well protected. It falls on the web developers to guard their website against incoming threats. There are many great security plugins like WordFence that help guard against cyber attacks. Sometimes the threat is not always that far away. It’s not a pleasant thought, but sometimes employees are not looking out for the benefit of the website. This will also keep employees from stealing or damaging sensitive information found in the wp-admin directory.

How to Secure WordPress Login Page (wp-admin) with additional Strong Password (Pre-Login Authentication)
Karry Laporte

Hi App Shah, my hosting provider uses his own Control Panel design, which does not contain a file upload function, so I am creating my files with a text editor and then upload them by FTP.
Despite trying different locations for the two files and each time altering the file paths within the .htaccess file accordingly, I have not been able to provide the extra layer of security described in your article. The only time the “Authorized Only” window popped up was when I placed both .htaccess und .wpadmin files directly in the folder into which WordPress has been installed. After having entered my username and password, this resulted not in the WordPress Login appearing but rather in an Error 500, since it is, of course, bad security practice and not permitted by my hosting provider.
My directory structure as visible on the FTP client is: hosting-package/html/domain-directory/wordpress-directory.
I assumed that I should place the .htaccess and .wpadmin files in the domain-directory and have used AuthUserFile /domain-directory/.wpadmin. This did not work, and also changing to FilesMatch “/wordpress-directory/wp.login.php” was in vain.
Then I placed the two files in the next higher levels /html and /hosting-package, each time editing the file paths accordingly, without success.
Finally I tried placing the .htaccess file in /html and the .wpadmin file in /domain-directory, with and without specifying the wordpress-directory in FilesMatch.
So I have tried every possible location for the two files, each without success.
Using my directory structure ‘hosting-package/html/domain-directory/wordpress-directory’, could you instruct me on where to place the two files and which paths to use for FilesMatch and AuthUserFile, please?
Cheers, Gaius

Be the first to comment

Leave a Reply

Your email address will not be published.


*