Language:

Search

Configurar autenticación básica en el directorio wp-admin

  • Share this:
Configurar autenticación básica en el directorio wp-admin

If you're running a WordPress website or blog, its always a good practice to setup some sort of security for your admin area & restrict access for smart users.

The most basic thing to do is setup a basic auth for your wp-admin directory and wp-login.php so that none can pass through except for the authors or users who are authorised.

Step # 01 - Create .htpasswds file

Right in your document root, create an empty .htpasswds file, like so

<Document-root> touch .htpasswds

Step # 02 - Generate .htpasswds contents

Head over to this online tool and generate your .htpasswds contents & paste the output in your .htpasswds from step 1.

Step # 03 - Create .htaccess file for wp-admin

Inside of your wp-admin directory, create .htaccess file and paste the following code

AuthUserFile /path/to/your/root/.htpasswds
AuthType basic
AuthName "Restricted Resource"
require valid-user
# This is the whitelisting of the ajax handler
   <Files admin-ajax.php>
     Order allow,deny
     Allow from all
     Satisfy any
   </Files>

That's it. save the file, head over to the browser and try accessing your wp-admin area, it now should ask for your username & password for authentication.

Usama Muneer

Usama Muneer

A web enthusiastic, self-motivated & detail-oriented professional Full-Stack Web Developer from Karachi, Pakistan with experience in developing applications using JavaScript, WordPress & Laravel specifically. Loves to write on different web technologies with an equally useful skill to make some sense out of it.