Title: two factor authorization
Last modified: August 19, 2016

---

# two factor authorization

 *  Resolved [deko](https://wordpress.org/support/users/deko/)
 * (@deko)
 * [15 years, 8 months ago](https://wordpress.org/support/topic/two-factor-authorization/)
 * Since there are a limited number of contributors to my blog I’ve screened access
   to wp-login.php with the below code.
 * I’ve password-protected the admin directory and put a link to wp-login.php on
   a page in that directory.
 * I know… a referrer is easily spoofed. but it should keep scripted attempts at
   bay.
 *     ```
       // Redirect if not referred by internal page
       if (isset($_SERVER['HTTP_REFERER']))
       {
       	$ref = $_SERVER['HTTP_REFERER'];
       }
       if ($ref != "http://www.myblog.org/admin/sitestats.php")
       {
       	wp_redirect('http://www.myblog.org');
       }
       ```
   
 * suggestions for improvement?

The topic ‘two factor authorization’ is closed to new replies.

## Tags

 * [authentication](https://wordpress.org/support/topic-tag/authentication/)
 * [login](https://wordpress.org/support/topic-tag/login/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 0 replies
 * 1 participant
 * Last reply from: [deko](https://wordpress.org/support/users/deko/)
 * Last activity: [15 years, 8 months ago](https://wordpress.org/support/topic/two-factor-authorization/)
 * Status: resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics