Connect with us

How to password protect the wp-admin directory from WordPress?


How to password protect the wp-admin directory from WordPress?

Password protecting your wp-admin directory is one of the  recommended security measures to harden security-leaking WordPress websites.

It is a very simple effective security measure but it also has potential to disrupt the rendering of the WordPress site because the security-mind-seriously-lacking developers (kind of reminding us the well-known company whose software indirectly created the billion dollar anti-virus industry) have insisted on calling some functions for regular visitors from wp-admin directory, which should be reserved strictly for admin.

One of the current issues is the calling of farbtastic.css from wp-admin/css directory: /wp-admin/css/farbtastic.css.

If you have password-protected wp-admin directory, your visitors will be shown a forbidden sign when this file is called.

To solve this problem, you will need to whitelist this particular file or all .css files, just in case the developers add another calling to the wp-admin/css directory.

The modified .htaccess file in wp-admin directory looks like this

AuthName “protected”
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from

#whitelisting wp-admin files
<Files “*.css” >
Order allow,deny
Allow from all
Satisfy any

The example assumes your static IP is If your IP address is assigned dynamically by your ISP, you may use “192.168.100.” to cover possible IP changes. If you find yourself locked out due to IP change, find your new IP, and change the old or add the new IP into .htaccess file.

Whitelisting will ensure any web-browser calling by regular visitors for any css files from wp-admin will be honored, not denied.

Be sure to check your log file to spot any denied calling to wp-admin directory and add them to the whitelist accordingly.

Related:  Fix Maximum Execution Time Exceeded Error in WordPress
Continue Reading
You may also like...

We are a WordPress plugin developer company that focuses on useful WordPress plugin creation and empowering people to earn passive incomes from their blogs. We build unique and groundbreaking plugins that will revolutionize your blog!

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in solution

    Sign up for our newsletter and get a free affiliate e-book!

    About Me:

    Szabi Kisded

    Hi, my name is Szabi and I'm documenting my journey earning an online (semi)passive income. Learn more

    Mega Plugin Bundle:

    CodeCanyon Portfolio:

    Online Courses:

    Recommended Theme:

    Popular Posts:

    Latest Posts:

    To Top