When and How to Password Protect Your Entire WordPress Website

Password protect your entire WordPress website

Do you want to password protect your entire WordPress website? Do you even know what does that even mean? It’s quite similar to password protecting your admin directory but not the same.

One of our readers asked whether it’s possible to add another barrier by adding a username and the password to a complete website.

This concept comes into the light when web developers and designers started to use the live website to showcase their work portfolio.

They design a website and password protect it along with discouraging the search engine to index. In this tutorial, you will learn the easiest way to password protect your entire WordPress website.

NOTE: It’s not recommended for your regular website

PUBLIC_HTML Directory is What You Need

As you all know, the data of your WordPress website is stored in the root directory. Whether you have added it as an addon domain, subdomain or moved to any folder, it will be available in this directory.

It means if you want to password protect your website, you have to do it with this directory.

To do so, you have to follow a few steps

Step 1: – First of all, login to the cPanel of your web hosting account. Depending on the cPanel provided to you, you have to search for the “Directory Protection”.

It can be Directory Privacy, Password protect directories or similar. The concept is to find an icon which can take you to protect the directories.

Step 2: – Once you find such icon, click on that and you will be redirected to a new page. You will see the list of directories which can be password protected.

password protect wordpress blog

Click on the public_html folder.

Step 3: – On this page, you will see a check box to protect this directory and enter the name of the directory. You have to create a new user so that only a few individuals can visit your website using those credentials.

Make sure, you use a strong password which is always recommended. A weak password is prone to get hacked.

password protected blog sites

After filling all the credentials, save the settings and you’re all set.

You have successfully password protected your whole website. From now onward, no one can visit your website without a username and the password.

An Alternative to Access the PUBLIC_HTML Directory

Some of you may get confused when you don’t find the directory privacy, password protect directories icon in the cPanel.

To make it easier, I have a different solution for you. Just open the file manager.

NOTE: Open the main directory instead of the root directory.

It will show you all the folders which are available on your web hosting. Look up for the public_html folder.

Right click on that folder and you will see an option to “Password Protect” this directory. Once you click on that folder, you will reach to the same page as you saw in the previous method.

hide my site wordpress

It will show you all the same fields to generate credentials for a new user along with a password.

Just like before, fill the details and save settings.

I Am Sure Now You Can Password Protect Your Entire WordPress Website

The decision of password protecting your website should be taken only if you want to show it to some specific people.

It’s because once you accomplish this, no one would able to read the content of your website. As discussed before, it’s good only if you want to showcase your skills.

People need to read the tutorials you provide, and no one can know the login details.

Before you password protect your entire WordPress website, you should know what you’re really going to do. If you still have any doubt, feel free to drop a comment.

You can also connect with us on Twitter, LinkedIn, and Facebook.

by Ravi Chahar

A WordPress Professional and the LinkedIn Influencer. A coder by passion and a blogger by choice. WordPress theme development is his forte. He is your WordPress guy who will teach you how to solve WordPress errors, WordPress security issues, design issues and what not.

Get Free Updates Into Your Inbox

Learn Everything Just Like I Did



  1. Hi Ravi. In my cPanel the icon is called Directory Password

    Locking down the public_html will put password protection on every website you have on your hosting account. To just protect one website you would put the password on whatever folder WordPress is installed in for that website, which may or may not be public_html. I would make sure that any website you want to lock down like this is installed in a subfolder of public_html.

    Another issue is that now everyone has to log in with the same username and password. If you need to take access away from someone in the future then you have to change the password and then notify everyone else who should have access. It seems like a lot of work.

    There are plugins that do all of this for you and still let you keep some pages public. I use the free version of s2Member and it seems to be working well so far. Everyone gets their own username and password. Some pages are password protected while others are not. If you were a photographer for example, you can market your business on the public pages, then keep most of your photo portfolio password protected. I use it for a membership site that I am building.

    1. Hey Wayne,

      You’re right. People would require the same login credentials as you set. That’s why I have cleared it in the tutorial that it’s not for everyone. People who really understand it can use it.

      And it depends on the data of your website. I have mentioned it whether it’s an addon domain, subdomain or you have moved it to any other folder, you can do that by protecting that only.

      It’s the matter of choice.

Leave a Reply

Your email address will not be published. Required fields are marked *