Support » Fixing WordPress » protecting wp-admin directory

  • Resolved Tony Stark

    (@tony-stark)


    Hi,

    Like all, I am worried about unauhorised access to wp-admin. Is creating an .htaccess file with blocked (and allowed) IP listings enough to prevent unwanted users?

    Can any provide any pointers/insights here with perhaps some sample .htaccess code?

    Thanks

    Tony

Viewing 4 replies - 1 through 4 (of 4 total)
  • Perfect

    The link above now gives a 404 Not Found. I’d like to know how I can protect the wp-admin directory from unwanted users but still allow my blog authors, editors, and contributors to log on.

    I concur with sleeplessinDC. 404s are being generated on /wp-admin/admin-ajax.php, referred by wp-admin/plugins.php, whether:

    1) I insert an .htaccess file inside the wp-admin directory that allows access to the wp-admin directory only from my IP address; or

    2) I password-protect the wp-admin directory.

    Plus, when applying password protection on the wp-admin directory, I cannot login myself via WP’s login screen.

    Is it possible to protect the wp-admin directory without blocking my own login? (I’m the only user on my site.) Plus, are the 404s referred to above nomal? I only ask, because I use a plugin that notifies me by email whenever 404s occur, and they’re coming in fairly frequently.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘protecting wp-admin directory’ is closed to new replies.