1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

wp-login.php security

Discussion in 'Blogging' started by bluemanteam, May 4, 2008.

0
  1. #1
    I'm using htaccess to limit access to the admin folder but was wondering if anyone has come across a good plugin to to enable captchas on the wp-login page?

    Thanks
     
    bluemanteam, May 4, 2008 IP
  2. eTechDude.com

    eTechDude.com Member

    Messages:
    205
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    28
    #2
    i think it shouldn't be too hard to code in..
     
    eTechDude.com, May 5, 2008 IP
  3. godsofchaos

    godsofchaos Peon

    Messages:
    2,595
    Likes Received:
    124
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Yepp! Use Sabre :)
     
    godsofchaos, May 5, 2008 IP
  4. Pixelrage

    Pixelrage Peon

    Messages:
    5,083
    Likes Received:
    128
    Best Answers:
    0
    Trophy Points:
    0
    #4
    why not just password protect the file through cpanel?
     
    Pixelrage, May 5, 2008 IP
  5. bluemanteam

    bluemanteam Peon

    Messages:
    169
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #5
    Thanks, I'll definately check out Sabre and CPANEL passwords.

    I did find a nice piece of code last night to limit access to the file based upon IP address which I have installed.
     
    bluemanteam, May 5, 2008 IP
  6. mizaks

    mizaks Well-Known Member

    Messages:
    2,066
    Likes Received:
    126
    Best Answers:
    0
    Trophy Points:
    135
    #6
    What exactly are you trying to stop? A brute force attack on your login page?
     
    mizaks, May 5, 2008 IP
  7. bluemanteam

    bluemanteam Peon

    Messages:
    169
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Yes, I'm hoping it will eliminate brute force attacks.
     
    bluemanteam, May 5, 2008 IP
  8. pipes

    pipes Prominent Member

    Messages:
    12,766
    Likes Received:
    958
    Best Answers:
    0
    Trophy Points:
    360
    #8
    bluemanteam, can you tell me how to do that with htaccess please?
     
    pipes, May 10, 2008 IP
  9. Joomla Dude

    Joomla Dude Banned

    Messages:
    592
    Likes Received:
    11
    Best Answers:
    0
    Trophy Points:
    0
    #9
    No need of any tough ways via htaccess.
    Just rename your WP-ADMIN folder and the visitors wont be able to guess it,what is the New name and they just cant reach the wp-login.php page then..
    Its too easy.
     
    Joomla Dude, May 10, 2008 IP
  10. bluemanteam

    bluemanteam Peon

    Messages:
    169
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #10
    Just add these 3 lines into an htaccess file and place it into the wp-admin folder. Just replace the xx.xx.xx.xx with your IP address.

    Order Deny,Allow
    Deny from all
    Allow from xx.xx.xx.xx
     
    bluemanteam, May 11, 2008 IP
    pipes likes this.
  11. bluemanteam

    bluemanteam Peon

    Messages:
    169
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #11
    I can't believe it is just this easy. If you rename the WP-Admin folder, won't it affect the functionality of the blog.

    Aren't there files that refer to files located in the WP-Admin folder? Wouldn't you have to update some WP files to point to the new name of WP-Admin?
     
    bluemanteam, May 11, 2008 IP
  12. pipes

    pipes Prominent Member

    Messages:
    12,766
    Likes Received:
    958
    Best Answers:
    0
    Trophy Points:
    360
    #12
    Thanks very much bluemanteam.
     
    pipes, May 12, 2008 IP