Setup basic auth on wp-admin directory

February 4, 2018 By - Usama Muneer | 671

    If you’re running a WordPress website or blog, its always a good practice to setup some sort of security for your admin area & restrict access for smart users.

    The most basic thing to do is setup a basic auth for your wp-admin directory and wp-login.php so that none can pass through except for the authors or users who are authorised.

    Step # 01 – Create .htpasswds file

    Right in your document root, create an empty .htpasswds file, like so

    <Document-root> touch .htpasswds

    Step # 02 – Generate .htpasswds contents

    Head over to this online tool and generate your .htpasswds contents & paste the output in your .htpasswds from step 1.

    Step # 03 – Create .htaccess file for wp-admin

    Inside of your wp-admin directory, create .htaccess file and paste the following code

    AuthUserFile /path/to/your/root/.htpasswds
    AuthType basic
    AuthName "Restricted Resource"
    require valid-user
    # This is the whitelisting of the ajax handler
       <Files admin-ajax.php>
         Order allow,deny
         Allow from all
         Satisfy any
       </Files>

    That’s it. save the file, head over to the browser and try accessing your wp-admin area, it now should ask for your username & password for authentication.

    blog user
    Usama Muneer

    A web enthusiastic, self-motivated & detail-oriented professional Full-Stack Web Developer from Karachi, Pakistan with experience in developing applications using JavaScript, WordPress & Laravel specifically. Loves to write on different web technologies with an equally useful skill to make some sense out of it.

    Related Posts

    PHP has been one of the most famous frameworks for web building due to it many features like top security, cross-platform compatibility and many others.

    If you've no idea what macroable functionality is, take it as something you want to extend in within Laravel with a piece of code that doesn't exists in the Class.

    The back-end is one of the integral parts of modern web application development & PHP is one of most preferred platforms.

    If you're on MacOSX & use Laravel valet for managing your development environment. Then this issue might arouse when you try to upgrade your PHP version or even Laravel Valet. But there's an easy fix for that.