Secure your wordpress based website with dual protection

Due to recent hacks of wordpress admin. A new debate comes what is the easiest and best possible way to secure a website that is being developed in wordpress. Although wordpress hack is done from passing a unnatural link back to uploading malicious script on the server. With keeping in mind this thing we must need to know the best way to securing a wordpress based site.

 

One of the possibe way of securing website is to dual protection of your wordpress admin section because the most recent attack of wordpress is done through admin section hack.

Below code snippet will help us to achieve double protection of wordpress admin section. The dual protection contains

i) HTTP based protction (when someone access your wp-login.php file)

ii) Regular authentication of wordpress

HTTP based protction (when someone access your wp-login.php file)

Use below code snippet to your .htaccess file

<Files wp-login.php>
AuthUserFile /var/www/html/.htpasswd
AuthType Basic
AuthName "Website authorization"
Require valid-user
</Files>

 

 

With above code snippet in your .htaacess file. You must need to store a file at the server path /var/www/html (This path can be anything on server) a file .htpasswd

below code snippet can be written under .htpasswd file

username:$apr1$zbHD0TWK$Z/3lMobCaAok2LbMoCFgz0

 

 

Remember: One entry per line.

Note: The hash is typically “UNIX crypt” style with MD5 or SHA1 as common alternatives.

The following two tabs change content below.

Chandra Shekhar

GCP Architect
Chandra Shekhar Pandey is Google certified Cloud engineer, I am Magento2 Trained developer. Having huge experience in designing cloud solution. I have around 12 years of experience with world enterprise IT companies and fortune 500 clients. During my architecture design I am always caring about high availability, fast performance and resilient system. From the programmer background I have huge experience in LAMP stack as well. Throughout my carrier I have worked on Retail, E-Learning, Video Conferencing and social media domain. The motive of creating cutehits was just to share the knowledge/solutions I get to know during my day to day life so that if possible I can help someone for same problems/solutions. CuteHits.com is a really a very effort for sharing knowledge to rest of the world. For any query/suggestion about same you can contact me on below details:- Email: shekharmca2005 at gmail.com Phone: +91-9560201363

Latest posts by Chandra Shekhar (see all)

You may also like...