Password Protect Your WordPress Login Page - Brute Force Attack Prevention | WP Learning Lab

Thanks! Share it with your friends!

URL

You disliked this video. Thanks for the feedback!

Sorry, only registred users can create playlists.

ULTRAFAST, CHEAP, SCALABLE AND RELIABLE! WE STRONGLY RECOMMEND ACCU WEB HOSTING COMPANY

Password Protect Your WordPress Login Page - Brute Force Attack Prevention | WP Learning Lab

Watch Wordpress WPLearningLab Video: Password Protect Your WordPress Login Page - Brute Force Attack Prevention | WP Learning Lab. Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL
Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist
Password Protect Your WordPress Login Page - Brute Force Attack Prevention | WP Learning Lab

# Password protect the wp-login.php file

ErrorDocument 401 "Unauthorized Access"
ErrorDocument 403 "Forbidden"
(left pointy bracket)FilesMatch "wp-login.php"(right pointy bracket)
AuthName "Authorized Only"
AuthType Basic
AuthUserFile /home/username/.wpadmin
require valid-user
(left pointy bracket)/FilesMatch(right pointy bracket)

# Password protect the wp-login.php file

You doesn't allow the pointy brackets (Shift period and Shift comma) so make sure they match what you see in the video.

http://www.htaccesstools.com/htpasswd-generator/

In this tutorial I'm going to show you how to password protection your WordPress login page. Yes, you read that correctly, you'll have to log in before you can log in.

Why is this a good idea?

When Brute Force Hackers try to guess your username and password they do so in one of two places: the login page or the XMLRPC.php file (learn to protect XMLRPC.php here: https://youtu.be/WiIaz-Ik3tE)

If the hacker can't access the login page then they can't even being to guess your username and password. Of course you want to protect the login.php file with a username and password that doesn't also have an account on your website.

So let's get started.

First things first, we have to create a .wpadmin file in the user folder of your hosting account (this is a level above your website folders).

Then we go to this website, http://www.htaccesstools.com/htpasswd-generator/, to generate the code for the .wpadmin file. Copy and paste the code that you generate into the file and save it.

Following that we put the code from the very top of this description into the .htaccess found in the root of the website folder. Save that file when you're done.

Now when anyone tries to access to the default WordPress login page (wp-login.php) they will be required to enter a username and password first.

After they've successfully entered those details they will be taken to the login page where the can log into the WordPress site.

This is great for WordPress security, hacker proofing and reducing the likelihood of a successful brute force attack.

I hope this information helps you! If you have any questions leave a comment below or ping me @WPLearningLab on Twitter.

--------------

If you want more excellent WordPress information check out our website where we post WordPress tutorials daily.

http://wplearninglab.com/

Connect with us:

WP Learning Lab Channel: http://www.youtube.com/subscription_center?add_user=wplearninglab

Facebook: https://www.facebook.com/wplearninglab

Twitter: https://twitter.com/WPLearningLab

Google Plus: http://google.com/+Wplearninglab

Pinterest: http://www.pinterest.com/wplearninglab/

Change WordPress Admin Username Via MySQL - Brute Force Attack Prevention | WP Learning Lab. Brute Force Login Attacks Explained - Better WordPress Security | WP Learning Lab. WordPress Login Lockdown Stops Brute Force Attacks On The Login Page. Limit Login Attempts Plugin - Use It To Stop Brute Force Attacks | WP Learning Lab. WordPress Password Protect Page or Post | WP Learning Lab. How To Move WordPress Login Page For WordPress Security & Hack Prevention | WP Learning Lab. Limit WordPress WP-Admin Access To Specific IPs - Keep Brute Force Hackers Out | WP Learning Lab. Disable WordPress XMLRPC.PHP - Common Brute Force Hacker Exploit | WP Learning Lab. WordPress Admin Login Hide & Protect Your Dashboard Login Page. How to Password Protect a Page or Post in WordPress. Prevent Brute Force Attacks In WordPress in 2020. Password Protect WordPress: How To Use Password Protected Plugin.

Show more

Published:
Category: Wordpress WPLearningLab
64 Views

Related Videos

Free Web Hosting
RECOMMENDED WEB HOSTING

FASTCOMET

Fastcomet

HOSTGATOR

HOSTGATOR

BLUEHOST

BLUEHOST

SITEGROUND

SITEGROUND

A2 HOSTING

A2 HOSTING

HOSTINGER

HOSTINGER

DREAMHOST

DREAMHOST

ACCU WEBHOSTING

ACCU WEBHOSTING

MILESWEB

MILESWEB

HOSTPAPA

HOSTPAPA


RSS