cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution
New

Password protect wp-login.php?

Hello. I want to put a password on a single file - wp-login.php. We get so many attempts on this file, I need to shut it down. Is there a way to do this? I tried mucking around with .htaccess and password files but could not get it to work.

 

Help!! Thanks in advance.  🙂

4 REPLIES 4
Anonymous
Not applicable

Re: Password protect wp-login.php?

Hi @emmy,

godaddy give password protection to folders, what's to stop you having a single file in that folder?

Read here: https://uk.godaddy.com/help/password-protecting-a-directory-in-your-shared-hosting-account-4057

 

hope this helps

New

Re: Password protect wp-login.php?

I can't password protect the folder it's in because that would make the whole website have a password. I can't move the file because it's a core WordPress file. So I have to protect just that one file. I've done it on numerous sites (at other hosts) but it's not working on this one.

Anonymous
Not applicable

Re: Password protect wp-login.php?

Hi @emmy,

 

Are you sitting comfortably? Here we go then:https://en.wikipedia.org/wiki/OpenSSL

There is software out there to do this, but you will have to check with docs to find out if you can apply it with Wordpress on your hosting.

These folk who keep trying to hack in, you can get their IP's and block them.

 

New
Solution

Re: Password protect wp-login.php?

So, I ended up blocking everything except from our IP address. This is not an ideal solution, but it accomplishes the goal of protecting our site from hack attempts. I added this to our .htaccess file:

 

<Files wp-login.php>
order deny,allow
Deny from all

allow from xx.xxx.xx.xx

</Files>

 

Of course, replacing the xx.xxx.xx.xx with our IP. Not the best solution, but it works for now.