Created
June 22, 2014 19:40
-
-
Save uzulla/bc5b08f418a3fb967484 to your computer and use it in GitHub Desktop.
Wordpressでwp-login.phpにBasic認証つけるやつ .htaccessを宗教上の理由でつかえない人や、nginx上でそもそもBasic/Digest認証とか設定するのがnginxのconfigにかかなきゃいけないしだるい。かといってwp-login.phpに直接書くとバージョンアップでもどされちゃう、という人向けです。 注意:あくまで簡易的な自動アタック避けです。
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// wp-config.phpの先頭あたりに適当につっこむ | |
// YOURNAMEとPASSWORDは適当に書き換える | |
if(preg_match('/wp-login\.php$/', $_SERVER['PHP_SELF'])){ | |
if( !($_SERVER["PHP_AUTH_USER"]=='YOURNAME') || !($_SERVER["PHP_AUTH_PW"]=='PASSWORD') ) { | |
header('WWW-Authenticate: Basic realm="Please Enter Your Password"'); | |
header("HTTP/1.0 401 Unauthorized"); | |
echo "Authorization Required"; | |
die; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment