Password protecting /wp-admin/

  • timothya

    (@timothya)


    16 years, 10 months ago

    I have been trying to password protect the wp-admin folder using .htaccess, but instead of asking for the password I get “Error 404 – Not Found”. Any ideas?

Viewing 10 replies - 1 through 10 (of 10 total)
  • fips

    (@fips)

    16 years, 10 months ago

    What does your .htaccess file say?

    Thread Starter timothya

    (@timothya)

    16 years, 10 months ago

    AuthUserFile /home/xxx/public_html/wp-admin/.htpasswd
    AuthGroupFile /home/xxx/public_html/wp-admin/
    AuthType Basic
    AuthName EnterPassword

    require user xxx

    Thread Starter timothya

    (@timothya)

    16 years, 10 months ago

    BTW… that is the one I wrote, but I even used my hosting company’s tools to password protect, and I get the Error 404 with their .htaccess as well.

    4seoblogs

    (@4seoblogs)

    16 years, 10 months ago

    The same problem.
    I have installed .htaccess into the folder wp-admin
    When i’m trying to get to http://myblog.com/wp-admin – WP redirects me to 404 page.

    The server is running CentOS + DirectAdmin. On all servers running DirectAdmin i got THE SAME!! problem. On other servers without DirectAdmin all is OK.
    I tried to rebuild Apache (2.0 \ 2.2) all the same.
    Please Help, i really need the directory wp-admin password protected.

    4seoblogs

    (@4seoblogs)

    16 years, 10 months ago

    problem solved
    wp-admin .htaccess

    ErrorDocument 401 default

AuthType Basic
AuthName "Restricted Area"
AuthUserFile /home/admin/domains/*****.info/public_html/wp-admin/.htpasswd
require valid-user

    main .htaccess in domain root

    # BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

    fips

    (@fips)

    16 years, 10 months ago

    For that little extra security it’s probably worth keeping your .htpasswd file outside of the web accessible area. And like 4seoblogs, you shouldn’t need the reference to AuthGroupFile in your .htaccess file if you aren’t intending to use one, TimothyA.

    sleeplessindc

    (@sleeplessindc)

    16 years, 5 months ago

    4seoblogs, thank you SO much! I’ve been looking for a solution for how to use password protection on the wp-admin directory and your code above solved it. This should be added to the WordPress documentation.

    Shane G.

    (@shane-g-1)

    16 years, 5 months ago

    Hi,

    Refer these articles:

    http://www.bestwpthemez.com/wordpress/how-to-allow-only-your-ip-adress-on-the-wp-admin-directory-2479/

    http://www.bestwpthemez.com/wordpress/how-to-hide-your-wp-admin-login-page-2437/

    Also check with this plugin:

    http://ww.wp.xz.cn/extend/plugins/askapache-password-protect/

    Thanks,

    Shane G.

    Wes

    (@wlefebvre)

    16 years, 5 months ago

    The solution is to download your .htaccess file, open it using notepad or similar and add the following code before the WordPress entries, or modify the current ErrorDocument 401 line to the following:

    ErrorDocument 401 default

    Upload the file back to the server.

    I wrote this blog post about it if you need more details.

    dayer

    (@dayer)

    16 years, 3 months ago

    Of course. But if any required field in the comments are missing, Apache ask user and password to the visitor. πŸ™

    PD: although if the visitor click cancel then WordPress gives it the error of the fields πŸ™‚

Viewing 10 replies - 1 through 10 (of 10 total)

The topic ‘Password protecting /wp-admin/’ is closed to new replies.