Password Protect Wordpress Login URL
Adding password protection to your Wordpress Admin Area is a simple step towards boosting Wordpress security and slowing down hackers. Every hacker knows that the standard url for the admin area is wp-login.php
or /wp-admin/
and they love to attack it nonstop.
Follow this guide to password protect your Wordpres Admin Area today.
Make a backup of your .htaccess
file first before editing it
You will be placing the .htaccess
file in the folder that you want to secure and place the .htpasswd
file in the main folder where your website files are uploaded. This is often public_html
-
Use the htpasswd generator
-
Locate your
.htaccess
file and open it using File Manager or your favorite FTP client and Code Editor Software. The.htaccess
file is hidden so you’ll need to select Show Invisible Files to see it. -
Add Basic Authentication or Digest Authentication
Basic Authentication
AuthType Basic
AuthName "Password Protected"
AuthUserFile /full/path/to/.htpasswd
Require valid-user
Satisfy All
Digest Authentication
AuthType Digest
AuthName "Password Protected"
AuthDigestDomain /wp-login.php https://www.askapache.com/wp-login.php
AuthUserFile /full/path/to/.htpasswd
Require valid-user
Satisfy All
Change https://www.askapache.com/
to your actual URL
Make a backup of your .htaccess
file first before editing it
-
Open your
.htaccess
file with File Manager or using your favorite FTP Client and Code Editing Software. The.htaccess
file is hidden so you’ll need to select Show Invisible Files to see it. -
Add the following code at the top of the
.htaccess
file
Order deny,allow
Deny from all
Allow from 198.101.159.98 localhost