More security in the protection of wp-admin directory

  • Unknown's avatar
    domingolhn · Member ·

    As an evolution of the source code of Word Press, is it possible to generate, at the creation of Admin account (ie email, login and password) that a .htacess and a .htpasswd file are created automaticly in the path https://BlogName.wordpress.com/wp-admin/ with the same login and password to protect that directory ?
    ie a .htaccess like this, for example : 

    AuthName "Protected Admin Page"
AuthType Basic
AuthUserFile "https://BlogName.wordpress.com/wp-admin/.htpasswd"
Require valid-user

    and a .htpasswd like this
    login:MD5_crypted_password

    I have already read some topics about .htaccess in wordpress.com and its differrences with wordpress.org (for example how to edit .htaccess) ; but not with my request.
    There is a topic about this, unsolved and closed : Locked out of admin tool – can’t see .htaccess to fix

    The blog I need help with is: (visible only to logged in users)

  • Unknown's avatar
    justjennifer · Member ·

    As was mentioned by timethief in one of those other threads, “You cannot do that on any blog hosted by wordpress.COM.” Other than setting your site’s Privacy settings, there is no user access to the htaccess file or robots.txt file on WordPressdotcom sites.

    If your site is Public, all your files including media will be searched and indexed by search engine crawlers. The next setting to limit access only to human site visitors is “iffy” as it depends on whether the crawler respects that setting or not (not something that WPcom can control). The only setting that ensures that your site and files are kept out of search engines is setting your site to Private.

    There is no setting to make this granular. It’s all or nothing.

  • staff-zinnia · Staff ·

    Howdy!

    Justjennifer has provided accurate information regarding your question. It is not possible to do this on WordPress.com hosted site.

  • Unknown's avatar
    domingolhn · Member ·

    Thanx for your answer you 2. ;-)
    So, the source code won’t be change to create this files automaticly why the creation of the main blog ? I think it’s a little bit annoying.
    A chance that a user of the last stable version of WordPress (wordpress.org/download) can do it himself to protect his directory on his hosted site elsewhere than wordpress.com.
    So DIYS ;)
    Sorry for that but I don’t want to loose my sens of humour… :D
    I choose to resolve that topic definitivly because my request depend of the version of wordpress.org

  • The topic ‘More security in the protection of wp-admin directory’ is closed to new replies.