Skip to content

Instantly share code, notes, and snippets.

@jasperf
Last active Aug 29, 2015
Embed
What would you like to do?
.htaccess authentication to protect wp-login.php against brute force attacks without blocking the whole site #wordpress #security #htaccess
#http://tools.dynamicdrive.com/password/
AuthType Basic
AuthName "Graag twee keer login invoeren en daarna standaaard WordPress login"
AuthUserFile /path/to/file/.htpasswd
<Files wp-login.php>
Require valid-user
</Files>
#Dreamhost required this directive above WP directive
#http://wiki.dreamhost.com/Password-protecting_directories#Password_Protecting_Directories_within_WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^/(failed_auth\.html).*$ [NC]
RewriteRule . - [L]
</IfModule>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment