Can we protect wp-admin directory of WordPress?

Pranav Kathale

Pranav Kathale

@pranav-xR4cnN Oct 26, 2024
I have a WordPress Blog and I was wondering, is there any way to password protect our main admin directory (wp-admin)? This is the main directory and I want to protect it.
Firstly I will pass the credentials for the wp-admin directory and then enter main login details for our WordPress Blog.
Like 0 Replies 10

Replies

Welcome, guest

Join CrazyEngineers to reply, ask questions, and participate in conversations.

Sign up Log in

CrazyEngineers powered by Jatra Community Platform

  • Kaustubh Katdare

    Kaustubh Katdare

    @thebigk Dec 21, 2011

    Pranav Kathale
    I have a WordPress Blog and I was wondering, is there any way to password protect our main admin directory (wp-admin)? This is the main directory and I want to protect it.
    Firstly I will pass the credentials for the wp-admin directory and then enter main login details for our WordPress Blog.
    Yes, you can and you should protect the wp-admin directory. The first method I think it to change the directory name to something else and make adjustments to the config.php.

    Second and simpler method is to protect the directory using password protection. You can check your host control panel for directory protection.
    0
  • Pranav Kathale

    Pranav Kathale

    @pranav-xR4cnN Dec 21, 2011

    In the mean time, I have found one Plugin for the same purpose. Plugin provides the facility to create a username-password for securing wp-admin.
    Is it worth using plugin or default CPanel should be used?
    0
  • Kaustubh Katdare

    Kaustubh Katdare

    @thebigk Dec 21, 2011

    Pranav Kathale
    In the mean time, I have found one Plugin for the same purpose. Plugin provides the facility to create a username-password for securing wp-admin.
    Is it worth using plugin or default CPanel should be used?
    Why add plugins? You can simply login to your web host control panel, select the directory you want to password protect and specify a username and password. It's easy. I'm not in favor of using plugins.
    0
  • Pranav Kathale

    Pranav Kathale

    @pranav-xR4cnN Dec 21, 2011

    I tried protecting directory. I have created username-pass for the directory and enabled protection. But, its not working.
    After enabling this, when we try to access <site_name>/wp-admin/, I am getting "404 error". Why so?
    And when we again remove that directory from the protection, I am getting access to WordPress Login.
    What is happening?
    0
  • jgeorge

    jgeorge

    @jgeorge-0LTnP9 Dec 22, 2011

    Pranav Kathale
    In the mean time, I have found one Plugin for the same purpose. Plugin provides the facility to create a username-password for securing wp-admin.
    Is it worth using plugin or default CPanel should be used?
    If you’ve been trying to password protect your wordpress wp-admin directory you’ll probably have encountered an issue when using Cpanel's “Password Protect Directories” tool.
    It’s because when the tool is used it doesn’t set the .htaccess file the right way this causing a “404 error”. The simple fix is to use the “Password Protect Directories” to protect the wp-admin folder then to download the created .htaccess and edit to look like this.
    ErrorDocument 401 default
    AuthType Basic
    AuthName "Name You Gave Your Protected Directory"
    AuthUserFile /home/YOURSERVERDEFAULTFOLDER/.htpasswds/public_html/wp-admin/passwd
    require valid-user
    Then upload it and you’ll have effectively managed to password protect the directory.
    0
  • jgeorge

    jgeorge

    @jgeorge-0LTnP9 Dec 22, 2011

    Pranav Kathale
    In the mean time, I have found one Plugin for the same purpose. Plugin provides the facility to create a username-password for securing wp-admin.
    Is it worth using plugin or default CPanel should be used?
    this link might be helpful.. #-Link-Snipped-#
    0
  • PraveenKumar Purushothaman

    PraveenKumar Purushothaman

    @praveenkumar-66Ze92 Dec 22, 2011

    You can use the .htaccess files to prevent the entry. Also, you can use the hotlink protection to check out the cookies before entering the wp-admin folder. 😀
    0
  • Kaustubh Katdare

    Kaustubh Katdare

    @thebigk Dec 22, 2011

    Praveen-Kumar
    You can use the .htaccess files to prevent the entry. Also, you can use the hotlink protection to check out the cookies before entering the wp-admin folder. 😀
    Yep, in that case, the password will have to be encrypted.
    0
  • PraveenKumar Purushothaman

    PraveenKumar Purushothaman

    @praveenkumar-66Ze92 Dec 22, 2011

    The_Big_K
    Yep, in that case, the password will have to be encrypted.
    The general public would not be having the access to see the .htpasswd contents right? Even .htaccess, so is there a problem? 👀
    0
  • Pranav Kathale

    Pranav Kathale

    @pranav-xR4cnN Dec 22, 2011

    Quick and completely worth replies. 😀
    Thanks.
    0