Home / Wordpress / How to protect against unwanted WordPress wp admin & wp login attempts ?
unwanted login attackes

How to protect against unwanted WordPress wp admin & wp login attempts ?

In this article we will look how to to lock down and password protect your WordPress website from invalid login attempts. We’ll do this by limiting access to the /wp-admin directory and the wp-login.php script.

Follow the following steps:

  • In cpanel panel find the Security section in that click on Password Protect Directories.
  • Select theDocument Root for your domain,and  click on  Go.
  • Click on yourwp-admin
  • CheckPassword protect this directory, give it a name as per your convenience, then click Save. And go back
  • And fill the detailsas username and password on generate password.
  • Now type in aUsername, then click on Add/modify authorized user.
  • Now Try to access your/wp-admin  Your browser will prompt you for the password you just created. Type in your username / password, and click Log In.
  • Now go back to cPanel.Under theFiles section, click on File Manager.Select the Document Root for your domain.Check Show Hidden Files, then click on the Go button.
  • expandpublic_html.Click on wp-admin, then right-click on your .htaccess Then click on Edit .For the encoding pop-up, click on Edit again to bypass that.
  • Copy all the code in the.htaccess

            ErrorDocument 401 “Denied”
            ErrorDocument 403 “Denied”
            # Allow plugin access to admin-ajax.php around password protection
           <Files admin-ajax.php>
           Order allow,deny
           Allow from all
            Satisfy any

  • From the left-hand directory listing, click onpublic_html.Right-click on your .htaccess file, then click on Edit.
  • Now paste the.htaccess code you copied, in-between some<FilesMatch> tags, so that it ends up looking like this:

  ErrorDocument 401 “Denied”
ErrorDocument 403 “Denied”
<FilesMatch “wp-login.php”>
AuthType Basic
AuthName “Secure Area”
AuthUserFile “/home/example/.htpasswds/public_html/wp-admin/passwd”
require valid-user

And save the .htaccess file.

About Chetan Kalbande

• Working knowledge in Magento, Wordpress, Joomla, PHP, HTML5, CSS3, Bootstrap front-end framework and Foundation front-end framework. Experience of PSD to HTML and HTML to Wordpress. Having knowledge on theme development of Wordpress, directory structure and responsive UI of Magento. E-Commerce development using Magento, Opencart, Woo-Commerce . Clean , attractive and responsive website development using Wordpress and Drupal. Estimation, design and development of various modules. Work on Search Engine Optimization to improve the search engine rank of website. Working knowledge and handling experience of Google Absence and different affiliates account. • Knowledge of Jquery Mobile, Android application development and Phone gap. Experience of Developing and maintaining web base portal or directory website. Work closely with the other team members to meet client goals. Promote on page SEO activities and also the interactions that build ranking, profile and traffic.

Check Also


Download Realty – Unique Real Estate WordPress Theme

Realty is a fully-fledged property management system for real estate agents and companies. Accept free ...

Leave a Reply