Prevent unauthorized WordPress wp-admin and wp-login.php attempts

 01.  Login in to cPanel

 02. Click Directory Privacy

 03. Click the folder icon next to public_html

 04. Click wp-admin

 05. Select Password protect this directory

 06. Enter WordPress Admin for Name then click Save

 07. Click Go Back

 08. Under Create User enter a Username, click Password Generator to create a strong password.

 09. Save the password, click I have copied this password in a safe place and click Use Password

 10. Click Save at the bottom of the page

 11. Go back to cPanel home page and click File Manager

 12. Open public_html directory

 13. Open wp-admindirectory

 14. Select .htaccess and click Edit

 15. Add below text in the file

ErrorDocument 401 "Unauthorized"
ErrorDocument 403 "Forbidden"

# Allow admin-ajax.php access
<files admin-ajax.php>
Order allow,deny
Allow from all
Satisfy any
</files>

 

   17. Click public_html on the left
   18. Select .htaccess and click Edit
   
19. At the top of the file enter the code below

ErrorDocument 401 "Unauthorized"
ErrorDocument 403 "Forbidden"
 
<filesmatch "wp-login.php">
AuthType Basic
AuthName "WordPress Admin"
AuthUserFile "/home/USERNAME/.htpasswds/public_html/wp-admin/passwd"
require valid-user
</filesmatch>

   20. Note: Replace *USERNAME* with your cPanel username
   21. Click Save Changes

 
 
  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

How do I have WordPress update plugins and themes automatically?

WordPress will automatically apply minor release updates to your site, so you can be sure...

Displaying the most recent posts from a single category in WordPress

Have you ever seen a site that showed the most recent post or posts from a single category? If...

How do I disable automatic updating in WordPress?

One of the many features added to WordPress in 3.7 was automatically updating for minor releases....

Recovering from the dreaded "eval(gzinflate(base64_decode" attack

So you're running a WordPress site and one day you realize that your search engine traffic is...

How do I embed a Facebook status in a WordPress post?

Facebook now allows you to embed a status update anywhere you want online. One popular place to...