Connect with us

How to password protect the wp-admin directory from WordPress?

solution

How to password protect the wp-admin directory from WordPress?

Password protecting your wp-admin directory is one of the  recommended security measures to harden security-leaking WordPress websites.

It is a very simple effective security measure but it also has potential to disrupt the rendering of the WordPress site because the security-mind-seriously-lacking developers (kind of reminding us the well-known company whose software indirectly created the billion dollar anti-virus industry) have insisted on calling some functions for regular visitors from wp-admin directory, which should be reserved strictly for admin.

One of the current issues is the calling of farbtastic.css from wp-admin/css directory: /wp-admin/css/farbtastic.css.

If you have password-protected wp-admin directory, your visitors will be shown a forbidden sign when this file is called.

To solve this problem, you will need to whitelist this particular file or all .css files, just in case the developers add another calling to the wp-admin/css directory.

The modified .htaccess file in wp-admin directory looks like this

AuthName “protected”
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from 192.168.100.1
</Limit>

#whitelisting wp-admin files
<Files “*.css” >
Order allow,deny
Allow from all
Satisfy any
</Files>

The example assumes your static IP is 192.168.100.1. If your IP address is assigned dynamically by your ISP, you may use “192.168.100.” to cover possible IP changes. If you find yourself locked out due to IP change, find your new IP, and change the old or add the new IP into .htaccess file.

Whitelisting will ensure any web-browser calling by regular visitors for any css files from wp-admin will be honored, not denied.

Be sure to check your log file to spot any denied calling to wp-admin directory and add them to the whitelist accordingly.

Related:  How to Create Tables in WordPress with a Plugin?
Continue Reading
You may also like...

We are a WordPress plugin developer company that focuses on useful WordPress plugin creation and empowering people to earn passive incomes from their blogs. We build unique and groundbreaking plugins that will revolutionize your blog!

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in solution

    Sign up for our newsletter and get a free affiliate e-book!

    About Me:

    Szabi Kisded

    Hi, my name is Szabi and I'm documenting my journey selling plugins on CodeCanyon. I will show you every step of it: learning to code, plugin ideas, WordPress stuff and more. Read more…

    Mega Plugin Bundle:

    CodeCanyon Portfolio:

    Online Courses:

    Latest Promotions:

    Recommended Theme:

    Start Your Own Blog:

    Translate Your Blog:

    AdSense Alternative:

    Best Article Spinner:

    Popular Posts:

    Latest Posts:

    To Top

    Privacy Preference Center

        Necessary

        Advertising

        Analytics

        Other