WordPress.org

Ready to get started?Download WordPress

Forums

[closed] Protect all your WordPress sites on your cPanel server quickly and easily (2 posts)

  1. webstandardcss
    Member
    Posted 1 year ago #

    Help to protect all your WordPress sites on your cPanel server from the new Brute Force Botnet Attacks, quickly and easily, by requiring a htaccess password prior to WordPress login.

    user@server [~]# sudo -i # Log in as the root user.

    root@server [~]# vi /usr/local/apache/conf/includes/post_virtualhost_2.conf # Edit the file.

    # Paste the following lines.
    ErrorDocument 401 "Unauthorized Access"
    ErrorDocument 403 "Forbidden"
    <FilesMatch "wp-login.php">
    AuthName "Authorized Only"
    AuthType Basic
    AuthUserFile /home/.wpadmin
    require valid-user
    </FilesMatch>

    root@server [~]# htpasswd -c /home/.wpadmin pressuser # Enter and confirm password.

    root@server [~]# cat /home/.wpadmin # Verify correct username.

    root@server [~]# chmod 755 /home/.wpadmin # Set access permissions.

    root@server [~]# service httpd restart # Restart the web server.

  2. This is possible, but it's meaningless for I'd say 90% of the WordPress users who are on shared hosting and do not have root access.

    This is much more relevant http://codex.wordpress.org/Brute_Force_Attacks and gives instructions that are applicable to both shared and dedicated server users.

Topic Closed

This topic has been closed to new replies.

About this Topic