WordPress htpasswd – access to wp-login i wp-admin restricted by additional password

WordPress htpasswd - access to wp-login i wp-admin restricted by additional password

Additional protection for WordPress wp-admin Dashboard, wp-login and xmlrpc

Create an additional username and password to further secure WordPress by protecting the dashboard and login page. This command creates a user called “access” and will ask you for the password twice:

This is a part of “Self hosting WordPress securely in 2018 on FreeBSD with nginx, PHP 7.2, ModSecurity, brotli, Let’s Encrypt SSL” post, these commands will not work by they own.

sh -c 'printf "access:`openssl passwd -apr1`\n"' >> /usr/local/etc/nginx/htpasswd
Password:
Verifying - Password:
chmod 600 /usr/local/etc/nginx/htpasswd
chown mysite:mysite /usr/local/etc/nginx/htpasswd

You will be asked for these credentials when accessing /wp-admin directory of your site. This will also stop brute-forcing bots from accessing login page and burdening PHP engine unnecessarily.

Post:

Self hosting WordPress securely in 2018 on FreeBSD with nginx, PHP 7.2, ModSecurity, brotli, Let’s Encrypt SSL

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.