Connect with us

How to harden the security of wp-admin – WordPress admin giude


How to harden the security of wp-admin – WordPress admin giude

Your WordPress admin account is a glowing target for crackers.  One suggested way to improve WordPress admin security is NOT to use admin as your admin username.

If you are currently using admin as username, don’t worry.  You can still change it.

  1. create a new hard-to-guess username
  2. Change it to admin
  3. Demote admin username to user or subscriber. Don’t delete it, use it a decoy.
Other things to consider
  • Never use the admin account to post news or blogs – create an editor account instead
  • Use .htaccess to protect wp-admin directory.
  • Use Profile Builder for user profile editing

Protect wp-admin directory

You may want to use .htaccess to protect wp-admin directory. Let’s assume your staticIP is

Your .htaccess should look like this:

AuthName “protected”
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from

If your IP is dynamic, You may use 192.168.100.  to cover possible IP changes.  If you find yourself locked out due to IP change, find your new IP, and change the old or add the new IP into .htaccess file.

Profile Builder for user profile editing

Use Profile Builder for your user profile editing, in addition for user login and registration.

wp-admin should be only accessible to admin, not to regular users! Regular users should not have any remote connection with wp-admin.  This is one of serious security  oversights of  WordPress.

Related:  How to Improve WordPress Security on your Site
Continue Reading
You may also like...

We are a WordPress plugin developer company that focuses on useful WordPress plugin creation and empowering people to earn passive incomes from their blogs. We build unique and groundbreaking plugins that will revolutionize your blog!

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in solution

    Sign up for our newsletter and get a free affiliate e-book!

    About Me:

    Szabi Kisded

    Hi, my name is Szabi and I'm documenting my journey earning an online (semi)passive income. Learn more

    Mega Plugin Bundle:

    CodeCanyon Portfolio:

    Online Courses:

    Recommended Theme:

    Popular Posts:

    Latest Posts:

    To Top