We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
In this guide I will walk you through limiting access to the /wp-admin directory, and the wp-login.php script, which will lock down and password protect your WordPress website from invalid login attempts.
If you haven't already, I'd suggest checking out my article about the WordPress brute force attack that has recently been going on that prompted me to write this article.
Using the steps below, I'll show you how to create password protection for your /wp-admin directory, as well as how to copy those rules over to also protect your wp-login.php script.
Please note that it's been reported to us in certain cases following these steps will result in a re-direct loop. If you're having that issue, please ensure you have the following two entries at the top of both .htaccess files:
ErrorDocument 401 "Denied"
ErrorDocument 403 "Denied"
<FilesMatch "wp-login.php"> AuthType Basic AuthName "Secure Area" AuthUserFile "/home/example/.htpasswds/public_html/wp-admin/passwd" require valid-user </FilesMatch>
Then click on Save Changes up at the top-right. Now if someone tries to directly login via wp-login.php they will be prompted for a valid user as well.
Congratulations, now you know how to protect your WordPress website from unauthorized login attempts, by requiring a username and password before an attempt to directly login to WordPress is even allowed.
We value your feedback!
|1.||Stopping Unauthorized Login Attempts to wp-admin and wp-login.php in WordPress|
|2.||Allowing Access to the wp-admin by IP Address|
|3.||Protecting Your Wordpress Site with the BulletProof Security Plugin|
|4.||How to Protect Your Wordpress site with the Wordfence Security Plugin|
|5.||Protecting Your Website with the Better WP Security Plugin|
|6.||Protect Your Wordpress Site with the MVIS Security Center Plugin|
|7.||Using the Login Security Solution Plugin in Wordpress|
|8.||Using the Simple Security Plugin for Wordpress|
|9.||Using Security Ninja Lite to Protect Your Wordpress Site|
|10.||Working with the Look-See Security Scanner Plugin for Wordpress|
|11.||Using the Sucuri Security - SiteCheck Malware Scanner Wordpress Plugin|
|12.||Protecting Wordpress with the ICS Security Fixes Plugin|
|13.||Site Protection Using the WangGuard Plugin for Wordpress|
|14.||Protecting Your Wordpress Website with the OSE Firewall Plugin|
|15.||Using the Anti-Malware (Get Off Malicious Scripts) Plugin for Wordpress|
|16.||Using the Skt NURCaptcha Wordpress Plugin|
|17.||Protecting Wordpress Site with the WP Login Alerts Plugin|
|18.||Protecting Your Wordpress Site with the WP Safely Disable Directory Browsing Plugin|
|19.||Protecting Your Wordpress Website with the Verelo Blog Monitoring Plugin|
|20.||Protecting Your Wordpress Site with the WP Sanitize Plugin|
|21.||Using the Wordpress Sentinel Plugin to Protect Your Site|
|22.||Protecting your Wordpress Site with the Old Core Files Plugin|
|23.||Using the File Inspection Plugin to Protect Your Wordpress Site|
|24.||Securing Your Site with the WordPress File Monitor Plus Plugin|
|Email:||support@WebHostingHub.com||Ticket:||Submit a Support Ticket|
|Chat:||Click To Chat Now|