Woocommerce Account details and wp-admin password protected. | WordPress.org

Resolved guichdev
(@guichdev)

2 years, 8 months ago
Hi,

I installed the wordfence free plugin, and password protected my wp-admin folder. I use woocommerce wordfence and wordpress last version and I already modified .htaccess to exclude admin-ajax.php to resolve some issue when clients were trying to connect their personnal account. It worked but there is still an issue when they click on “account details” into their account’s page, the popup asking for the “wp-admin” folder user and password is showing up. I am able to access the section and I am able to change my password or email effectively if if I click on “cancel” but it is quite annoying for some client as they don’t know if they can do it or if it is a problem from the website. If I already change authorisation for “admin-ajax.php” is there another file I need to exclude by .htaccess?

Regards,

Guillaume Baylly
- This topic was modified 2 years, 8 months ago by guichdev.

Viewing 1 replies (of 1 total)

Plugin Support wfphil
(@wfphil)

2 years, 8 months ago

Hi @guichdev

If you are breaking WordPresss and plugins that you use by blocking access to the wp-admin directory then we recommend that you remove the blocking. It is also not necessary to block access to that directory as wordpress.org takes the security of WordPress very seriously.

You can use all of our brute force login attack prevention tools below to protect agains unauthorized access:

https://www.wordfence.com/help/firewall/brute-force/

https://www.wordfence.com/help/tools/two-factor-authentication/

https://www.wordfence.com/help/login-security/

Viewing 1 replies (of 1 total)

The topic ‘Woocommerce Account details and wp-admin password protected.’ is closed to new replies.

1 reply
2 participants
Last reply from: wfphil
Last activity: 2 years, 8 months ago
Status: resolved