How To Password Protect the wp-admin Directory Using cPanel

One of the biggest fears is to lose the website you have devoted many years to. In the last couple of years, many websites were hacked because of the vulnerabilities.

It happens because most of the people don’t take the website security seriously. Many websites encounter the brute force attack because their login page is not secure.

You should always think about adding an extra security layer. Password Protecting your wp-admin directory is the perfect way to accomplish this.

If you have tried logging into any other big website, you may have seen that a few of them require an additional security layer to pass by filling the login credentials.

You can also apply that to your WordPress website. As you know, the login page of your website is controlled by the wp-admin directory, if you, password protects it, no one will be able to see the original login page of the website.

You may be wondering as if something super-techie is about to come. Well, there is nothing like that. There are a few steps you have to follow.

It’s Easy to Password Protect the wp-admin Directory

As I have already mentioned, you need to have an access to the cPanel of your web hosting account.

Step 1

Log into the cPanel and search for the files’ section. You have to find an icon for the Directory Privacy.

Depending on the web hosting you use, you may find it a little bit different. If you don’t see it, you can search for Password Protection for the directories.

There should be something similar. But this is the most used cPanel so you may not face any problem finding this option.

Step 2

Click on the icon and on a new page, you will see many directories. But these are the common directories and you need to open the directories of your websites.

You may be running more than one website on your web hosting so it’s necessary to choose your website’s URL. Click on the Settings’ button.

Step 3

Once you do that, a popup will appear. Select the “Document Root For” and choose your website from the drop-down menu.


Click on the Save Changes button.

Step 4

Now you will see many directories of your website. From which, you have to click on “wp-admin” because that’s what you are going to protect with a password.

Step 5

After that, you will see a checkbox to Protect this directory and an input field to enter the name.

You can name it anything you want. But if you scroll down, you can see many input fields to create a new user. These are the credentials you have to use when you try to access the login page of your WordPress website.

So it’s important to create a strong password and a username only you can remember.

If you can’t do it, you can use the password generator by clicking on the “Generate Password” button.

Otherwise, just fill the details and save it. Keep the username and the password somewhere safe so that even if you forget, you can access your website.

What Will Happen After Applying this

Well, now you have added an extra security layer to the login page of your WordPress website. If you try opening the login page, you can’t see the normal page you used to have.

It’s because you will be asked to enter the login details to see that page. That’s where you have to fill the username and the password you just created above.

It means your wp-admin directory is password protected now. It’s necessary because most of the hackers try to use the login combinations to hack a website.

You should know that most of the hacks are done by the bots. If you, password protects the wp-admin directory, it will be really hard for anyone to cross.

It means the hackers will now need to pass two login pages. If anyone else tries to open the login page of your website, he/she sees the similar page.

It may be different depending on the web hosting you use. Some companies show it in the middle of the page just like your login page whereas others show it just like the screenshot shown above.

I Hope You Can Easily Accomplish This

Every now and then people complain how hard it is to handle a website. Many people raise the question as if WordPress is secure or not.
You should know that 30% websites on the web are using WordPress. The security of your website is dependent on the actions you take to secure it.

It’s really important to understand that a small vulnerability can ruin the years of hard work. And I am sure, no one wants this to happen to his/her website.
Password Protecting the wp-admin directory has always been one of the most recommended things to secure a WordPress website.

As mentioned earlier, it helps you protect the website from the brute force attacks. If you have any security plugin, you may have noticed the different IP address trying to log into your WordPress website.

You can block those IP addresses if you want. But after password protecting, there won’t be much trouble dealing with such attacks.

I hope it’s not as hard as you thought before. Even if you’re a WordPress newbie, you can easily accomplish this using cPanel. I don’t understand why people are so scared of cPanel. It’s easy to handle just like you use the WordPress admin panel. You just need to find the right option to complete what you have in your mind. I hope you can do that.
If you still face any problem or have any kind of doubt in your mind, feel free to ask in the comment section. You can also use the contact form of our website.

We would love to help you solve your problems. Stay connected and learn more about WordPress and the usage of cPanel.

Check out the top 3 WordPress hosting services:

Was this article helpful?