Can we protect wp-admin directory of WordPress?

Replies

• 

  Kaustubh Katdare

  Pranav Kathale

  I have a WordPress Blog and I was wondering, is there any way to password protect our main admin directory (wp-admin)? This is the main directory and I want to protect it.
  Firstly I will pass the credentials for the wp-admin directory and then enter main login details for our WordPress Blog.

  Yes, you can and you should protect the wp-admin directory. The first method I think it to change the directory name to something else and make adjustments to the config.php.
  
  Second and simpler method is to protect the directory using password protection. You can check your host control panel for directory protection.
• 

  Pranav Kathale

  In the mean time, I have found one Plugin for the same purpose. Plugin provides the facility to create a username-password for securing wp-admin.
  Is it worth using plugin or default CPanel should be used?
• 

  Kaustubh Katdare

  Pranav Kathale

  In the mean time, I have found one Plugin for the same purpose. Plugin provides the facility to create a username-password for securing wp-admin.
  Is it worth using plugin or default CPanel should be used?

  Why add plugins? You can simply login to your web host control panel, select the directory you want to password protect and specify a username and password. It's easy. I'm not in favor of using plugins.
• 

  Pranav Kathale

  I tried protecting directory. I have created username-pass for the directory and enabled protection. But, its not working.
  After enabling this, when we try to access /wp-admin/, I am getting "404 error". Why so?
  And when we again remove that directory from the protection, I am getting access to WordPress Login.
  What is happening?
• 

  jgeorge

  Pranav Kathale

  In the mean time, I have found one Plugin for the same purpose. Plugin provides the facility to create a username-password for securing wp-admin.
  Is it worth using plugin or default CPanel should be used?

  If you’ve been trying to password protect your wordpress wp-admin directory you’ll probably have encountered an issue when using Cpanel's “Password Protect Directories” tool.
  It’s because when the tool is used it doesn’t set the .htaccess file the right way this causing a “404 error”. The simple fix is to use the “Password Protect Directories” to protect the wp-admin folder then to download the created .htaccess and edit to look like this.
  ErrorDocument 401 default
  AuthType Basic
  AuthName "Name You Gave Your Protected Directory"
  AuthUserFile /home/YOURSERVERDEFAULTFOLDER/.htpasswds/public_html/wp-admin/passwd
  require valid-user
  Then upload it and you’ll have effectively managed to password protect the directory.
• 

  jgeorge

  Pranav Kathale

  In the mean time, I have found one Plugin for the same purpose. Plugin provides the facility to create a username-password for securing wp-admin.
  Is it worth using plugin or default CPanel should be used?

  this link might be helpful.. #-Link-Snipped-#
• 

  PraveenKumar Purushothaman

  You can use the .htaccess files to prevent the entry. Also, you can use the hotlink protection to check out the cookies before entering the wp-admin folder. 😀
• 

  Kaustubh Katdare

  Praveen-Kumar

  You can use the .htaccess files to prevent the entry. Also, you can use the hotlink protection to check out the cookies before entering the wp-admin folder. 😀

  Yep, in that case, the password will have to be encrypted.
• 

  PraveenKumar Purushothaman

  The_Big_K

  Yep, in that case, the password will have to be encrypted.

  The general public would not be having the access to see the .htpasswd contents right? Even .htaccess, so is there a problem? 👀
• 

  Pranav Kathale

  Quick and completely worth replies. 😀
  Thanks.