Securing WordPress Admin in Linux

This article shows you how to add an additional password to your wp-admin folder under WordPress® on Linux shared hosting. A few important things you need before you get started:
  • This article is for advanced users. If these steps are done incorrectly, you could interrupt the connection between the server and database.
  • You need to know what a .htaccess file is and be comfortable editing one.
Why add an additional password?

You can add an extra layer of security by requiring an additional password before users are allowed to access your wp-admin folder. This can prevent attacks that attempt to bypass the WordPress admin login.

Requiring an additional password shouldn't interfere with plugins, themes, and stock WordPress installations.

To Secure WordPress Admin in Linux

  1. Set up password protection on your WordPress installation's wp-admin directory. For more information, see Password Protecting a Directory in Your Shared Hosting Account.
  2. Using your hosting account's editor, open your wp-admin/.htaccess file.
  3. Add this code to the bottom of the file:
    <Files "admin-ajax.php">
      Order allow,deny
      Allow from all
      Satisfy any 
    </Files>

Now, when you visit your WordPress admin login, you are prompted to log in.


Was This Article Helpful?
Thank You For Your Feedback
Glad we helped! Anything more we can do for you?
Sorry about that. How can we be more helpful?