How to protect wp-login and wp-admin

  • Hi WP community,
    I want to “hide” or protect my wp-login.php file and wp-admin folder.
    So I want to create something like this:
    If someone come to “my-website_url/wp-login.php” and “my-website_url/wp-admin”, then that person will be redirect to the main/home page of my website.
    How can I do that?
    Thanks so much!

    EDIT: I Know how to redirect wp-login.php to another url, but I don′t know how to hide wp-login.php,

Viewing 1 replies (of 1 total)

  • At least you can limit the access by IP. Only useful if your (or anyone else’s who needs to access) have static IP which doesn’t change too often. And not good if too many people need to login…

    For wp-login.php, add this to the WP install dir .htaccess (where wp-login is):

    <Files wp-login.php>
Order Deny,Allow
Deny from All
Allow from x.x.x.x
</Files>

    To wp-admin folder .htaccess add this:

    AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Example Access Control"
AuthType Basic
<Limit GET>
Order Deny,Allow
Deny from all
Allow from x.x.x.x
</Limit>

Viewing 1 replies (of 1 total)
  • The topic ‘How to protect wp-login and wp-admin’ is closed to new replies.