Can the /wp-admin directory in WordPress be password protected to prevent hacking?
 by Kristi Hagen

Can the /wp-admin directory in WordPress be password protected to prevent hacking?

  • Are you or your dev people in the habit of password protecting the /wp-admin directory on WordPress sites using a .htpasswds or similar?

    I've just had a client site hacked for the second time in 6 months, and I'm wondering about using this security trick. Does this lock Google out of anything important?

Answer:

We don't normally password protect the wp-admin page but in some cases we have moved the login page to avoid this issue by using /wpaccess (or some other non-standard URL) instead of wp-admin. You could also restrict that directory based on IP address.

WordPress, by default, allows access to that URL specifically. Seems there are some requests for /wp-admin/admin-ajax.php that might create some rendering issues depending on the theme/setups. You probably could just allow access to that file and nothing else in /wp-admin/ based on IP.

Fyi, we do often use Securi and/or Wordfence.SEN article end

...

Already a member? Sign in here

Read the rest of this article,
and get all this for only $1.

  • The Search Engine Strategies Updates for November 2020
  • SEN's Monthly Marketing Podcast for Strategies on the Go
  • Ultimate Guide to Avoiding Google Penalties
  • The Complete Site Audit Checklist
  • The Definitive Local Search Audit Checklist
  • 100's of Strategic SEO Articles and Q&As
  • The Internet Marketing Glossary
  • The Pro SEO's Local Search Directory List
  • 2019 Unfair Advantage SEO Beginner's Book
  • Pro's Ultimate WordPress Plugin Guide
  • The Vault: SEN's Internet Marketing Research Libraries
  • PLUS, as a Full SEN Basic Member, you'll be eligible for hundreds of dollars of discounts on SEO courses ranging from beginner to master on a variety of topics including organic search, local search, and social networking.

  • Your $1 Trial is good for 7 days at which time your card will be charged $29/mo unless you cancel before December 4th, 2020

 This form is encrypted for your security