Securing wordpress admin area

My WordPress Site has been Hacked

Securing wordpress admin area

Securing your wordpress admin area

It’s common knowledge that securing wordpress admin area is extremely important as it can be vulnerable to hackers.  It’s easy for hackers to gain access to this area through the login page.  Usually, these sort of attacks or hacks come in the form of a “brute force attack”.  If you’re aware of this, you’re one step ahead in securing your WordPress admin area.

Extra protection and layers of security are essential to keeping your website in your control.  Securing your “wp-admin” is one way you can lock down your administration area and keep would be hackers out of your site.  A simple way to accomplish this is to password protect your admin folder.  This can be accomplished through either a .htaccess file or through an Apache configuration file.


The use of Apache to password protect WordPress is one of the preferred methods since this will allow other functions like Ajax to continue to operate.  Using .htaccess has some limits in this area and this has been well documented and discussed online.

Protect Your WordPress Admin areaOf course, there is a multitude of plugins that can also secure your admin area.  One of these is Protect WP-Admin.  This particular plugin focuses on the admin panel and its common url, since WordPress uses the same “admin” url for its control panel, everyone knows the location of this panel.  The Protect WP-Admin plugin allows you to change your admin panel address and block any default links.  When you rename your “wp-admin” directory all queries will be redirected to your homepage.  The means that all your backend operations will be confined to the custom url you have designated.  If you keep this url private, you’ll be the only one with that access to your admin area.

Also consider getting an SSL for your site.  Not only is it better for SEO but you can also force your admin area to utilize https using a plugin like WP Force HTTPS or WP Force SSL https://wordpress.org/plugins/wp-force-https/

Beefing up your WordPress login through both a password protected admin area or customized admin area are great ways to increase your overall site security.  When used in conjunction with a WordPress security plugin you’ll go a long way to adding to your site’s security and your own peace of mind.  Your content is important and it should be protected.  By taking these simple steps you can keep any attackers at bay.

CMS Managers offers complete WordPress security essentials to your website, check out our services today.




This entry has 0 replies

Comments open

Leave a reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>