WordPress.org

Ready to get started?Download WordPress

Plugin Directory

Password Protection

HTTP Basic Authentication as secondary defense for wp-admin - blocks brute force attacks. Also blocks users (bots) with No-Referrer Headers.

Will this plugin keep my site from being hacked?

NO! No plugin can keep your site from being hacked but this plugin will stop annoying brute force attempts to your login page.

What is a No-Referrer Request?

A No-Referrer Request is a direct request made to your wp-login.php file. Normally when you go to wp-admin and you are not logged in WordPress will redirect you to wp-login.php. When this happens the referrer is from your same domain. Bots and automated scripts normally make direct post requests to wp-login.php without a referrer. This plugin can block all requests without a referrer or requests from a referrer that is not from your domain.

What if I forget my Password?

If you forget your password there is no way to recover it because it is stored as an encrypted hash. If you forget your password you will have to disable the plugin by changing the name of the password-protection using FTP. Once disabled and you log in you can then re activate the plugin and enter a new password on the settings page.

Requires: 3.5.1 or higher
Compatible up to: 3.6 beta
Last Updated: 2013-4-16
Downloads: 1,170

Ratings

0 stars
0 out of 5 stars

Support

Got something to say? Need help?

Compatibility

+
=
Not enough data

0 people say it works.
0 people say it's broken.

0,2,0