On the Internets you will find many posts that explain how to use a password protection on your back-end using a auth password. There is a problem But there is one big problem with that is it will break all your admin-ajax.php and admin-post.php requests. In the WordPress Codex you will find a page that will explains how to implement AJAX. You’ll read that admin-ajax.php lives in /wp-admin/. Using a password protection for this directory, you’re blocking access to that file which means that all AJAX requests will be broken. There is a solution You can correctly do this, but there is only one good way: AuthType Basic AuthName "Protected page" AuthUserFile /home/.htpasswd Require valid-user <Files admin-ajax.php> Order allow,deny Allow from all Satisfy any </Files> <Files admin-post.php> Order allow,deny Allow from all Satisfy any </Files> <Files "\.(css|gif|png|js)$"> Order allow,deny Allow from all Satisfy any </Files> Doing that, you’ll block your/wp-admin folder but NOT for theajax/post and content files likejpg/css/js. This, is the way to do it. You can use htaccesstools.com to generate you
Share This

We are using cookies on our website

Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.