Ready to get started?Download WordPress


[resolved] protecting wp-admin directory (5 posts)

  1. Tony Stark
    Posted 5 years ago #


    Like all, I am worried about unauhorised access to wp-admin. Is creating an .htaccess file with blocked (and allowed) IP listings enough to prevent unwanted users?

    Can any provide any pointers/insights here with perhaps some sample .htaccess code?



  2. stvwlf
    Posted 5 years ago #

  3. Tony Stark
    Posted 5 years ago #


  4. sleeplessinDC
    Posted 4 years ago #

    The link above now gives a 404 Not Found. I'd like to know how I can protect the wp-admin directory from unwanted users but still allow my blog authors, editors, and contributors to log on.

  5. DebNCgal
    Posted 4 years ago #

    I concur with sleeplessinDC. 404s are being generated on /wp-admin/admin-ajax.php, referred by wp-admin/plugins.php, whether:

    1) I insert an .htaccess file inside the wp-admin directory that allows access to the wp-admin directory only from my IP address; or

    2) I password-protect the wp-admin directory.

    Plus, when applying password protection on the wp-admin directory, I cannot login myself via WP's login screen.

    Is it possible to protect the wp-admin directory without blocking my own login? (I'm the only user on my site.) Plus, are the 404s referred to above nomal? I only ask, because I use a plugin that notifies me by email whenever 404s occur, and they're coming in fairly frequently.

Topic Closed

This topic has been closed to new replies.

About this Topic