Create .htaccess Password for wp-login Page

Abhishek Ghosh

By Abhishek Ghosh April 4, 2014 8:25 am Updated on April 4, 2014

Create .htaccess Password for wp-login Page

Create .htaccess Password for wp-login Page for Your Rackspace Cloud Server or Any Equivalent Server to Protect From Brute Force Attacks. This is among a series of articles to increase the security of unmanaged Rackspace Cloud Server instances. One can start reading from How To Install WordPress on Ubuntu 13.10 on Rackspace Cloud Server for a complete guide to create an unmanaged WordPress Instance.

Create .htaccess Password for wp-login Page : For LAMP Server Only

Apache is more Stable, Secure and Robust web-server software. At least for WordPress, on unmanaged server, it is quite risky to run ngnix. The combination of this security is only for LAMP Server. At least, this measure can decrease the brute force attacks, getting indexed by Google bots etc. Further, we will increase the security of whole wp-admin folder, wp-config file to disallow Google bots to scrape data, decrease our risks of privacy and security matter in these PRISM days. As you are using an unmanaged server, 24 hours human security is not present.

Create .htaccess Password for wp-login Page : From Command Line

SSH to your Server.

Step 1
=======

Create a folder in a valid path. Ownership must not be given to www-data (Apache). Command :

mkdir -p /var/passwords

1	mkdir -p /var/passwords

Hit Enter.

Step 2
=======

Check whether the folder exists now :

cd /var/passwords

1	cd /var/passwords

Step 3
=======

Open the .htaccess file and add these lines. You path must be your’s, difficult to guess and username should be
unique like abhishek. You must not use only abhishek but make it more difficult to guess. We are using username
as an example.

Create .htaccess Password for wp-login Page
Open the .htaccess file :

nano /var/www/.htacesss

1	nano /var/www/.htacesss

We are assuming that your wordpress is installed at /var/www/

Here is a helper video, the steps will be like we have done on our Mac :

append sudo in front of the above commands if you are not the root. Add these lines (modify for your own) :

<FilesMatch "wp-login.php">
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /var/passwords/.htpasswd
Require valid-user
</FilesMatch>

1

2

3

4

5

6

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/passwords/.htpasswd

Require valid-user

</FilesMatch>

Step 4
=======
Run this command :

sudo htpasswd -c /etc/passwords/.htpasswd username

1	sudo htpasswd -c /etc/passwords/.htpasswd username

Again, are using username as an example. It is a command line wizard which will ask you for password. Restart apache :

sudo service apache2 restart

1	sudo service apache2 restart

Tagged With add htaccess password WP , htaccess for wp-login

Create .htaccess Password for wp-login Page

Create .htaccess Password for wp-login Page : For LAMP Server Only

Create .htaccess Password for wp-login Page : From Command Line

This Article Has Been Shared 521 Times!

About Abhishek Ghosh

Here’s what we’ve got for you which might like :

Take The Conversation Further ...

Get new posts by email:

Create .htaccess Password for wp-login Page : For LAMP Server Only

Create .htaccess Password for wp-login Page : From Command Line

This Article Has Been Shared 521 Times!

About Abhishek Ghosh

Here’s what we’ve got for you which might like :

Articles Related to Create .htaccess Password for wp-login Page

Take The Conversation Further ...

Get new posts by email: