wp-login htaccess extended use | WordPress.org

Rasmataz
(@rasmataz)

10 years, 11 months ago

I currently use (very successfully) htaccess to avoid brute force and other login attacks but need to exclude simple logins for password protected posts which unfortunately use wp-login.

I currently have (edited):
`ErrorDocument 401 “Authorization Required”
<FilesMatch “wp-login.php”>
AuthName “Restricted”
AuthType Basic
AuthUserFile /.wp-auth
require valid-user
</FilesMatch>’

but don’t know how or if the FilesMatch can be altered to be skipped if the passed parm matches wp-login.php?action=postpass for password protected posts. We don’t want to provide the login/password to another level of users/visitors, just the post password if needed.

Anyone know if this can be easily done in Apache/htaccess?

Thanks!

The topic ‘wp-login htaccess extended use’ is closed to new replies.

Tags

htaccess

In: Fixing WordPress
0 replies
1 participant
Last reply from: Rasmataz
Last activity: 10 years, 11 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics