WordPress Security Tips – Protect Your WP-Admin Directory

If you own a website, you will know how important website security is to protecting your blog.  You can never be too careful when it comes to securing a site, as you never know who is trying to gain access without permission.

If you run a WordPress site, then you will already be required to log in with a username and password to gain access to your WordPress dashboard.

Quick note: Always remember to change your default log in details from “admin” to something else and choose a long password that contains both letters (upper & lower case), numbers and symbols (£, &, ?, /, ”, =, %, $, etc.).  It’s also useful to change your password regularly and of course never give it out to anyone!

You may think that your site is pretty secure this way, but you can make doubly sure by adding another layer of authentication.

Setting Up WordPress Security In cPanel

So, in order to do this, we will set it up in your (hosting) cPanel.  Log in and navigate down to the ‘Security’ tab.  You want to click on the ‘Password Protect Directories’ folder.

1. cPanel > Security > Password Protect Directories

This will open a window asking you to select the folder that you wish to protect.  You want to select the folder that your WordPress files are stored on, which unless you moved it will be in the ‘wp-admin’ folder.

2. Select ‘wp-admin’ folder

In the next window you can set up your security settings and create a username and password.  Firstly, you want to check the ‘Password protect this directory’ box and name it.  Then simply create a new user with a strong password.  Obviously, make sure this is different to your normal WordPress dashboard login details.

3. Check the ‘Password protect this directory’ box and name it.

4. Create a new user with a strong password.

That’s all there is to it!  Now whenever you go to log into your WordPress dashboard, you will see a new authentication box where you enter in your newly created username and password.  This will then lead to your normal WordPress Dashboard login screen.

Simple!  Now, you have a two tiered security set-up that will help prevent anyone from gaining access to your WordPress dashboard.

Have you set up security like this for your site? What other WordPress security measures do you use to protect your site? Please let us know in the comments section below!

Image by ‘Zebble’ [Source]