How to password protect your wordpress admin directory (wp-admin)

How to password protect wordpress admin directoryEach and every wordpress users know the login page that is www.yourwpsite.com/wp-admin. First thing hackers try on these wordpress site is to access your site through wp-login page. If you need some extra security for your site why don’t you add an additional authentication to your login page? How to password protect your wordpress admin directory? Adding additional authentication to your login page is easy. Just follow the steps carefully in this article.

To do this you will need to login to your sites control panel. Sites that use cPanel web hosting can benefit from this article. Since cPanel has more features we are using it.

Using cPanel Interface

  1. In your cPanel open “password protected directories” in security tab and select your website directory.
  2. Now select wp-admin folder which takes to password protected directories where it says “Set permissions for /home/user/public_html/wp-admin”
  3. Now check password protect this directory and name the protected directory something like “admins only” or “only admins allowed”.
  4. Create username and password for your directory, then click save.

How to password protect your wordpress admin directory

How to password protect your wordpress admin directory
That’s it you are done! Now clear your browser cache and open your wp-admin page you can see the one like image below. Now you got two logins for your wordpress! Double security right!

How to password protect your wordpress admin directory

Related: How to prevent wordpress site from being hacked

Manual method (know this too)

Note:  “user” is your username for cPanel

  1. First use this service http://www.htaccesstools.com/htpasswd-generator to create htpasswd file.
  2. Upload this file here in this directory location [ /home/user/.htpasswds/public_html/wp-admin/passwd]
  3. Now open this directory [/home/user/public_html/wp-admin] and use the code below and save as .htaccess file and upload.
AuthName "Only Admins"
AuthUserFile /home/user/.htpasswds/public_html/wp-admin/passwd
AuthGroupFile /dev/null
AuthType basic
require user typeyourusername
<Files admin-ajax.php>
       Order allow,deny
       Allow from all
       Satisfy any
</Files>

[box style=”light-blue note shadow” ]Note: change it to your username that you created for your authentication where it says “typeyourusername”[/box]

That’s it you have done! Now open your sites wp-login page and you can see the authentication required box.

If you get 404 error or too many redirect errors just paste the following code in your main .htaccess file just before the code starts. The .htaccess location can be seen in /home/user/public_html

ErrorDocument 401 default

If you get any errors please notify through comments. If you have done creating your authentication successfully please comment and share this post