Free and Opensource software review, Operating system review, Tips and Tricks, System tweaks, troubleshooting, Tools and Techniques, Hacks

How to password protect WordPress admin directory

password securityProtecting with a username and password is the most commonly used and easiest method to restrict access to a particular folder or a place where you want to restrict the entry of normal users. Similarly assigning  a username and password for a web directory is the simplest way to restrict access to it.  I have already written an article on how to restrict access to a web directory by setting a simple username and password.

The method mentioned in my previous post cannot be used to restrict access to the admin directory of WordPress. If you follow the above method directly, you will get an error message similar to the following.

server error message, not properly redirectng

The error message says that the browser is stuck in an infinite redirecting loop. In order to prevent this error, you will have to add one more line to the .htaccess located in the wp-admin directory.

ErrorDocument 401 default

The above line is added to prevent the browser from displaying similar errors. Thus the complete code for the .htaccess file in the wp-admin directory will look like.

ErrorDocument 401 default

AuthType Basic
AuthName “Restricted Area : Please Login to continue”
require valid-user
AuthUserFile “/path/of/web-directory/with/password/file”

The code above will prevent unauthorized persons or bots from viewing or accessing your wp-admin directory. To ensure the safety of the password file make sure that the password file (.htpasswd file ) is located in a place not accessible by any browser or http:// protocol.

This method will be your first line of defense against unauthorized attack against your WordPress blog.

, , ,

Leave a Reply

Your email address will not be published. Required fields are marked *