How To Password Protect Your WordPress Admin Directory
March 11th, 2017 | by Ravi Chahar || 6 Comments |
The security of a WordPress website is one of the major concerns and you should always look for adding one more security layer.
The admin directory is responsible for accessing your WordPress dashboard. You pass through the login phase and enter in the admin panel.
Have you ever thought to password protect your WordPress admin directory? You may be wondering as if it’s already protected because you use login credentials to enter in the WP-Admin area.
Well, we’re talking about adding one more layer. Before you even see the login page, an extra authentication will get added.
It can save your WordPress website from brute force attack and more.
What Do You Need To Do To Activate This Authentication feature?
In this tutorial, I am going to guide you with a simple method which requires the use of cPanel.
Follow the steps.
Step 1:- Login to your web hosting cPanel and scroll down to the security section. You will see a “Password protect directories” icon. Click on that.
Step 2:- A popup box will appear to you asking about the domain name and the directory you want to open. By default, it will be “web root” and that’s what you have to open.
It’s because your website is placed in the PUBLIC_HTML folder. All the WordPress files and folder are present in the root directory.
On this new page, you will see many folders. As you want to password protect your WordPress admin directory so click on the “wp-admin” folder.
Step 3:- A new page will open for you to enable the password protection. Check the box to activate it and enter the name of the directory you want to see while authenticating.
You have to create a user so that you can pass the authentication while logging in to your admin panel.
NOTE : Don’t forget the username and the password.
Generate a strong password for the strongest security. Save the settings and click on the “Add or Modify The Authorized User” button.
You have successfully added a security layer to your WordPress admin directory. Whenever anyone tries to login, an alert box will appear which will require the login credentials of the user you created.
Do You get 404 Error or redirect errors?
Adding this authentication can block a few resources of the wp-admin directory. If you get any kind of error, you should add a small code in the .htaccess file present in the wp-admin folder.
Go to cPanel>>file manager>>wp-admin>>.htaccess file.
Edit and add the code.
The error may vary, you can also get 403 error. So add another line of code just by replacing 401 to 403. Save it and you’re good to go.
If you use any plugin which uses the Ajax of the wp-admin directory then you need to add another code in the .htaccess file.
Though only a few plugins use the front end Ajax functionality which can be solved. Just like above, navigate to the .hatccess file and add this code.
Order allow, deny
Allow from all
The errors will get removed if any. Congrats, you have successfully secured your website’s admin panel.
I Hope you can Easily Password Protect your WordPress Admin Directory.
The above-mentioned is the best method to accomplish this task. The simple use of the cPanel and within a few minutes, you will have a secure admin panel.
The codes mentioned above are in need to add only if you see any unusual error otherwise, everything is good.
Isn’t that easy to password protect your WordPress admin directory? If you still face any difficulty, feel free to drop a comment.