{"id":6486,"date":"2022-10-20T10:50:00","date_gmt":"2022-10-20T10:50:00","guid":{"rendered":"https:\/\/www.smarthost.au\/blog\/?p=6486"},"modified":"2024-06-18T12:55:02","modified_gmt":"2024-06-18T12:55:02","slug":"how-to-additionally-secure-wordpress-and-joomla-sign-in","status":"publish","type":"post","link":"https:\/\/www.smarthost.au\/blog\/how-to-additionally-secure-wordpress-and-joomla-sign-in","title":{"rendered":"How to additionally secure WordPress and Joomla sign-in?"},"content":{"rendered":"\n

Method I (easier)
<\/strong><\/p>\n\n\n\n

Securing the login to our Joomla or WordPress can be done using the built-in tool in cPanel. Our job is to secure the wp-admin directory for WordPress. In the case of Joomla, the “administrator” directory should be secured, in the same way as in the example below.<\/p>\n\n\n\n

Log in to cPanel and search for the option “Directory Privacy”<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Then, by clicking on the folder icons, we go to the folder with WordPress or with Joomla<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Search for the directory you want to protect and then click “EDIT” next to the directory.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

The first action is after clicking “EDIT” is to check the checkbox ” Password protect this directory”, then enter any name for the protected directory and press Save. Later we just create a user and enter the password with which we will additionally log in and click Save.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Now when you go to domain-client.com\/wp-admin\/ or to domain-client.com\/administrator, you will see such a window:<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

<\/p>\n\n\n\n

Method II (recommended, more complicated)<\/strong><\/p>\n\n\n\n

The simplest method of security and probably the most popular is to use authentication with the auth_basic module. We will need two files for this: .htaccess and .htpasswd.<\/p>\n\n\n\n

In the case of joomla, it is enough to insert into the .htaccess file:<\/p>\n\n\n\n

AuthName \u201eJoomla \u2013 Restricted area\u201d
AuthType Basic
AuthUserFile \/home\/clientname\/public_html\/joomla\/administrator\/.htpasswd
Require valid-user<\/p>\n\n\n\n

And to prevent error 500 before the line:<\/p>\n\n\n\n

RewriteRule .* index.php [L]<\/p>\n\n\n\n

Add this:<\/p>\n\n\n\n

RewriteCond %{REQUEST_URI} ^\/administrator\/<\/p>\n\n\n\n

Next, you need to generate the contents of the .htpasswd file, which you will place in the administrator directory. You can do it here, for example: http:\/\/www.htaccesstools.com\/htpasswd-generator\/<\/p>\n\n\n\n

<\/p>\n\n\n\n

It looks similar for WordPress, where we paste in the root directory into the .htaccess file:<\/strong><\/p>\n\n\n\n


AuthName \u201eWordPress Site \u2013 Restricted area\u201d
AuthType Basic
AuthUserFile \/home\/clientsdomain\/public_html\/wordpress\/.htpasswd
Require valid-user
<\/p>\n\n\n\n

Then we generate the .htpasswd file as above and place it in the root directory of wordpress.<\/p>\n","protected":false},"excerpt":{"rendered":"

Method I (easier) Securing the login to our Joomla or WordPress can be done using the built-in tool in cPanel. Our job is to secure the wp-admin directory for WordPress. In the case of Joomla,Continue reading<\/a><\/p>\n","protected":false},"author":9,"featured_media":6494,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[437,1021,438,231,8,232],"tags":[119,298,75,63],"class_list":["post-6486","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cpanel-pl","category-guides","category-hosting-pl","category-joomla-hr","category-security","category-wordpress-hr","tag-guide","tag-joomla-hr","tag-security","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts\/6486","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/comments?post=6486"}],"version-history":[{"count":1,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts\/6486\/revisions"}],"predecessor-version":[{"id":6497,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts\/6486\/revisions\/6497"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/media\/6494"}],"wp:attachment":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/media?parent=6486"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/categories?post=6486"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/tags?post=6486"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}