Make sure your admin account has a very secure password as the admin account is default on wordpress so everyone knows its there.
Use letters, numbers and symbols.
eg if you password was “password” try “P@55w0rD”.
Thread Starter
edyst3
(@edyst3)
is there any way to make it double protection?
I mean that beside username and password login on wp-login.php page, we can protect the wp admin folder by giving it password. is that possible? and how?
I don’t know if this would work for you, but:
<?php
echo "Please enter your password<br />";
echo "<form method="POST" action="accpass.php">";
echo "<input type="textbox" name="password123">";
echo "<input type="submit">";
?>
Then on accpass.php have it see if $password123 == yourpassword, and if so, give them the link. I’m not sure if that helps, but it’s an idea.
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
I don’t know if this would work for you, but:
Putting passwords in any scripts is a really bad idea. If you need to protect wp-admin give this a read
http://www.askapache.com/wordpress/htaccess-password-protect.html
It puts the password in .htaccess/.htpassword which Apache web servers will not serve out.
If edyst3’s installation was compromised via the file system, then this network level access protection will not work. Edyst3, give http://codex.wordpress.org/Hardening_WordPress a good read too.
OP
post any more dupes and I will delete them all
