Secure WordPress wp-admin

WordPress SecuritySecurity for open sources have always remain a concern specially WordPress. WordPress is the most used opensource because of user friendly environment and SEO friendly nature. Below we will mention how WordPress website can become more secure. For that purpose we will lock down wp-admin and wp-login.php means no unauthorized user will be able to open it.

We will show you with snapshots below how to secure your WordPress Admin Panel

Step # 1:

Login to Your cPanel using your hosting credentials.

WordPress Security

Step # 2:

Look out for the security section and beneath it click on Password Protection Directories.

WordPress Security

Step # 3:

From the combo box select Document Root and click Go.

WordPress Security

Step # 4:

A list of directory will be shown, now click on wp-admin directory

WordPress Security

Step # 5:

Below an option will be provided to create user. Create new user and set strict password for it, option to use generate password is advised. After creating user click Go Back.

WordPress Security

Step # 6: 

At top in Security Settings, check Password Protect this directory and name the protected directory and click save. Any name can be given.

WordPress Security

Step # 7: 

Now access wp-admin and your browser will prompt for username and password. In it write username and password you just created.

WordPress Security

Step # 8:

This step is for only those users who fail to access admin If you are receiving it then you need to place below code in your .htaccess file of wp-admin folder, .htaccess file can be found in public_html/wp-admin folder. Code is provided below,

Add this code at top of .htaccess file

ErrorDocument 401 “Denied”
ErrorDocument 403 “Denied”
# Allow plugin access to admin-ajax.php around password protection
<Files admin-ajax.php>
Order allow,deny
Allow from all
Satisfy any