How to additionally secure WordPress and Joomla sign-in?

Method I (easier)

Securing the login to our Joomla or WordPress can be done using the built-in tool in cPanel. Our job is to secure the wp-admin directory for WordPress. In the case of Joomla, the “administrator” directory should be secured, in the same way as in the example below.

Log in to cPanel and search for the option “Directory Privacy”

Then, by clicking on the folder icons, we go to the folder with WordPress or with Joomla

Search for the directory you want to protect and then click “EDIT” next to the directory.

The first action is after clicking “EDIT” is to check the checkbox ” Password protect this directory”, then enter any name for the protected directory and press Save. Later we just create a user and enter the password with which we will additionally log in and click Save.

Now when you go to domain-client.com/wp-admin/ or to domain-client.com/administrator, you will see such a window:

Method II (recommended, more complicated)

The simplest method of security and probably the most popular is to use authentication with the auth_basic module. We will need two files for this: .htaccess and .htpasswd.

In the case of joomla, it is enough to insert into the .htaccess file:

AuthName „Joomla – Restricted area”
AuthType Basic
AuthUserFile /home/clientname/public_html/joomla/administrator/.htpasswd
Require valid-user

And to prevent error 500 before the line:

RewriteRule .* index.php [L]

Add this:

RewriteCond %{REQUEST_URI} ^/administrator/

Next, you need to generate the contents of the .htpasswd file, which you will place in the administrator directory. You can do it here, for example: http://www.htaccesstools.com/htpasswd-generator/

It looks similar for WordPress, where we paste in the root directory into the .htaccess file:


AuthName „WordPress Site – Restricted area”
AuthType Basic
AuthUserFile /home/clientsdomain/public_html/wordpress/.htpasswd
Require valid-user

Then we generate the .htpasswd file as above and place it in the root directory of wordpress.

Leave a Reply