Title: /wp-admin Last modified: August 21, 2016 --- # /wp-admin * Resolved [mrppp](https://wordpress.org/support/users/mrppp/) * (@mrppp) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/) * Is it possible to block access to this page, i use a front end login? * [http://wordpress.org/plugins/bulletproof-security/](http://wordpress.org/plugins/bulletproof-security/) Viewing 13 replies - 1 through 13 (of 13 total) * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086153) * If you do not allow visitors to register, login and post comments on your website then you can use BasicAuth Directory Password protection. You would set that up in your web host control panel and .htaccess code will be automatically added to your wp-admin .htaccess file when you do that. * You would then need to copy that .htaccess code that your host creates in the wp-admin .htaccess file to this BPS Custom Code text box: CUSTOM CODE WPADMIN TOP: Add wp-admin password protection, IP whitelist allow access & miscellaneous custom code here, click the Save wp-admin Custom Code button and activate wp- admin BulletProof Mode again. * Thread Starter [mrppp](https://wordpress.org/support/users/mrppp/) * (@mrppp) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086186) * well i do allow people to post but from a front end login * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086192) * Then I assume what you are saying is you have other designated people who log into the site to create Posts and you do NOT allow random visitors to your website to post comments. If this is true and you add BasicAuth Directory Password Protection then you will need to provide the Directory Password Protection login credentials to all the people you DO allow to login to your site. * Thread Starter [mrppp](https://wordpress.org/support/users/mrppp/) * (@mrppp) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086201) * i let anyone post but they login front end and do not need to access the page/ wp-admin as such if that makes sense * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086224) * Then you cannot use BasicAuth Directory Password Protection. * Anyone who logs into your website needs to be able to access the /wp-admin folder in order to be able to login to your website. * Create a test Subscriber user account on your website by registering to your site and login to the site and you will see why you cannot use Directory Password Protection. * Thread Starter [mrppp](https://wordpress.org/support/users/mrppp/) * (@mrppp) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086225) * ok, i was just hoping i could only allow access to the front end login with ajax, then block access to login, or prevent that page wp-admin being accessed * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086227) * The problem with that is the WordPress admin-ajax.php file is located in the / wp-admin folder. 😉 Personally I think it is a silly and unnecessary thing to add Directory Password Protection to the /wp-admin folder. The logic is this: The /wp-admin folder already has authentication protection so adding a second authentication for the /wp-admin folder does not make it any more secure = silly. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086228) * Type this URL into your Browser Address bar: yourWebsiteDomain.com/wp-admin/admin. php 😉 * Thread Starter [mrppp](https://wordpress.org/support/users/mrppp/) * (@mrppp) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086230) * i can access the login with that but url is `http://mydomain/wp-login.php?redirect_to =http%3A%2F%2Fwww.mydomain%2Fwp-admin%2Fadmin.php&reauth=1` * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086231) * Yes, that is correct because if you try to access the /wp-admin/ folder directly then WordPress will force you to login first by redirecting you to the login page. * Thread Starter [mrppp](https://wordpress.org/support/users/mrppp/) * (@mrppp) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086232) * right i see so access to the folder will always get redirected to login, so keep limit login attempts set * but that actual page can’t be hidden so only login is available from my front end i.e access to /wp-admin would redirect to mysite.com * Thread Starter [mrppp](https://wordpress.org/support/users/mrppp/) * (@mrppp) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086233) * have you tried Better WP Security By Bit51 running with BPS, couple of features i like on that but don’t want to conflict with this. one was the automated DB backup and the other the File Change Detection * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086234) * We have tested Better WP Security before and it works with BPS, but there are some known common issues and problems with that plugin so you should check that plugin’s support forum for solutions to those problems. We only handle BPS solutions. 😉 Viewing 13 replies - 1 through 13 (of 13 total) The topic ‘/wp-admin’ is closed to new replies. * ![](https://ps.w.org/bulletproof-security/assets/icon-128x128.png?rev=1731938) * [BulletProof Security](https://wordpress.org/plugins/bulletproof-security/) * [Support Threads](https://wordpress.org/support/plugin/bulletproof-security/) * [Active Topics](https://wordpress.org/support/plugin/bulletproof-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/bulletproof-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/bulletproof-security/reviews/) * 13 replies * 2 participants * Last reply from: [AITpro](https://wordpress.org/support/users/aitpro/) * Last activity: [12 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-24/#post-4086234) * Status: resolved