Setup basic auth on wp-admin directory

Last Updated at : February 4, 2018 By - Usama Muneer | 1571

    If you’re running a WordPress website or blog, its always a good practice to setup some sort of security for your admin area & restrict access for smart users.

    The most basic thing to do is setup a basic auth for your wp-admin directory and wp-login.php so that none can pass through except for the authors or users who are authorised.

    Step # 01 – Create .htpasswds file

    Right in your document root, create an empty .htpasswds file, like so

    <Document-root> touch .htpasswds

    Step # 02 – Generate .htpasswds contents

    Head over to this online tool and generate your .htpasswds contents & paste the output in your .htpasswds from step 1.

    Step # 03 – Create .htaccess file for wp-admin

    Inside of your wp-admin directory, create .htaccess file and paste the following code

    AuthUserFile /path/to/your/root/.htpasswds
    AuthType basic
    AuthName "Restricted Resource"
    require valid-user
    # This is the whitelisting of the ajax handler
       <Files admin-ajax.php>
         Order allow,deny
         Allow from all
         Satisfy any
       </Files>

    That’s it. save the file, head over to the browser and try accessing your wp-admin area, it now should ask for your username & password for authentication.

    blog user
    Usama Muneer

    A web enthusiastic, self-motivated & detail-oriented professional Full-Stack Web Developer from Karachi, Pakistan with experience in developing applications using JavaScript, WordPress & Laravel specifically. Loves to write on different web technologies with an equally useful skill to make some sense out of it.

    Related Posts

    Getting an app developed is not the only thing that one needs to ensure in terms of digital visibility and e-commerce. Yes, having an app is important but to stay updated and to be abreast with the competition Optimization of performance is necessary.

    There are many requiring paid products for this purpose, but we would like to select free of charge very functional and at the same time of simple in the use editor - Codelobster PHP Edition.

    Telescope gives knowledge into the solicitations coming into your application, exemptions, log sections, database questions, lined employments, mail, notices, reserve activities, planned errands, variable dumps and that's just the beginning.

    Laravel Live Islamabad, ended on 24th Nov'18 & we got a lot to learn from the top-notch of speakers & influencers. Thanks to the sponsors for pulling off such a great event in the capital of Pakistan.