Knowledgebase

How to password protect the(wordpress) wp-admin directory in cPanel Print

  • 47

Password protecting your /wp-admin/ folder is an effective method to enhance security against bots and other unauthorized access attempts. At Hands-On, if a bot fails this additional check several times, they will be automatically blocked in the firewall, preventing further access attempts. To implement this protection, follow these 10 steps:

  1. Log in to cPanel.
  2. Under "Security," click "Password Protect Directories."
  3. Locate and click the "wp-admin" directory.
  4. Check the box next to "Password protect this directory."
  5. Enter a phrase, such as "Protected," in the "Name the protected directory:" box, and then click "Save."
  6. After receiving the confirmation screen, click "Go back."
  7. Under "Create User:", create a new username and password that must be entered when you visit yourdomain.com/wp-admin/, and click "Add/Modify Authorized User."
  8. Return to the main cPanel page and open the File Manager. When prompted, ensure "Show Hidden Files (dotfiles)" is selected.
  9. Navigate to the wp-admin folder, and click the .htaccess file to highlight it. Once highlighted, click "Code Editor" at the top and click "Edit."
  10. At the bottom of the file, add the following code to enable WordPress to recognize this additional password protection, and click "Save":

ErrorDocument 401 default

You can now try accessing your wp-admin/ folder through the browser. If you encounter any issues or have questions, please open a support ticket through your client area.


Was this answer helpful?
« Back