Search The Site

How to Password Protect wp-admin In Wordpress

Prevent hacking attempts in your WordPress blog and or website by password protecting the administration folder. WordPress has had and will continue to have security holes as most software does so it would be a good idea to password protect the admin folder and stop hackers before they start. If you use WordPress as a blogging application or use it for your entire website you need to read this article and take heed.

If you are using Apache as your web server and most of you probably are, there is a procedure we can do that will enable us to assign a password for any folder, this password will be separate from your WordPress password.

The directory that most concerns us in WordPress is the wp-admin directory. What we want to accomplish is locking down this folder so authorized users are the only ones with access to it. You will need shell access to your server to accomplish this task. If you login to your cpanel you should see a link titled SSH/Shell Access that is where you want to go to complete this task. If you do not have shell access on your server you will have to get your hosting provider to do this for you. SSH allows secure file transfer and remote logins over the internet. Your connection via SSH is encrypted allowing the secure connection. SSH (Secure Shell) is a program to log into another computer/server over a network securely. It provides strong authentication and secure communications over insecure channels. Your login, commands, text are all encrypted when using ssh.

Let’s face the facts here though. Most people know how to use WordPress and that is about the extent of their technical abilities. Not everyone is a programmer and your hosting company will probably charge you in order to do this for you. There has to be an easier way. There has to be a way to lockdown the wp-admin folder without having to be a certified system engineer. Well guess what, there is an easier way.

To lockdown the wp-admin folder do the following:

  • Login to your CPanel. Not sure of how to get to your CPanel? Try typing in your web address followed by cpanel. For example open up your web browser and type the following information into the address bar; http://www.yourdomainname.com/cpanel You should now see a login screen. Enter your username and password and click Enter.
  • You should now see a screen similar to the one illustrated below.

cpanel

Scroll down the list in CPanel until you see a link titled Password Protect Directories as illustrated below.

cpanel password protect directories

Click Password Protect Directories and then click the folder you would like to protect as illustrated below.

protect directories

Click Password Protect This Directory and then give the directory a name. The name can be anything you wish. Then click Save as illustrated below.

Type in a username and a password and then click Add/Modify Authorized User as seen in the illustration below.

protect directories

That is it, you have now successfully protected the wp-admin folder from unauthorized users.