htaccess help – Password protect wp-admin and wp-login.php

• 

  flamesoulis · Member · May 8, 2015 at 6:03 am

  • Copy link
  • Add topic to favorites

  So I had originally managed to password protect wp-admin and wp-login.php and all was good. Then I enabled “Day and Name” Permalink and all heck broke loose. Now, one would assume the best idea is to disable it and go back to the old page system, but I would really like to keep this setup if possible.
  The issues are that the system will keep trying to redirect pages if I keep the Authentication in the folder (wp-admin). The file match for wp-login.php instead gives a “file not found” error, which means I can’t log out. If i have to go back to the page number system, I will, but if I don’t have to, that would be preferred. The reason for the password protection is to help stave off bots and attackers.

  # BEGIN WordPress
  <IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteBase /
  RewriteCond %{REQUEST_URI} !^/(wp-admin|wp-admin/.*)$
  RewriteCond %{EQUEST_FILENAME} !^/(wp-login.php.*)$
  #RewriteRule !^wp-login.php$ - [OR,L]
  RewriteRule ^index.php$ - [L]
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule . /index.php [L]
  </IfModule>
  
  # END WordPress
  
  <FilesMatch "wp-login.php">
  	RewriteEngine Off
  	AuthType Basic
  	AuthName "WP-Admin"
  	AuthUserFile "/home/flame18/.htpasswds/public_html/wp-admin/passwd"
  	require valid-user
  </FilesMatch>

  The blog I need help with is: (visible only to logged in users)

• 

  doncharisma · Member · May 8, 2015 at 6:15 am

  • Copy link

  @flamesoulis – You’re on the wrong forum, you need the wordpress.org support forums …

  On it’s footer your blog says :

  “Proudly powered by WordPress. Theme: Flat 1.5.7 by YoArts. “

  Mine says :

  “Blog at WordPress.com. | The Titan Theme”

  So please use the wordpress.org forums for your question – https://wordpress.org/support/

  Cheers

  Don Charisma

• 

  flamesoulis · Member · May 8, 2015 at 6:17 am

  • Copy link

  Woops! Many thanks.

• 

  doncharisma · Member · May 8, 2015 at 6:20 am

  • Copy link

  PS this page explains the difference – https://en.support.wordpress.com/com-vs-org/

  Aside the official page, my own explanation of differences between wp.com and wp.org here – http://doncharisma.org/2014/06/22/why-choose-wordpress-for-web-development/

  Hopefully wp.org support forums will be able to help :)

  Cheers

  Don Charisma