How to Block Hackers Using cPanel From Scanning Your Website's Authors

How to Block Hackers Using cPanel From Scanning Your Website's Authors

I am sure, you have already heard about the brute force attack. Well, it’s about scanning your WordPress website for vulnerabilities to exploit it.

Every WordPress security consists of a point to limit your login attempts or any security plugin, which controls everything.

Now, let me make you understand a little bit about author scanning. When hackers scan your website and try to get the author ID, which then solves 50% of their work because they can find out the password by trying different combinations.

At this point, if you disable author scanning, no one can find out the author ID, and your website is safe from the brute force attack.

To block the unknown users, by trying different password combination, it’s important to limit the login attempts. Every time you read something related to WordPress security, make sure you do some research.

In this tutorial, you’re going to learn a convenient method to discourage brute force attack by disabling author scanning.

You may be wondering if you require any coding skills. Well, all you need is to copy and paste the code in a file.

A Step By Step Process to Discourage Brute Force Attack

Now and then, you may encounter with wp-config.php and .htaccess files. These are two most important files of a WordPress site.

In this tutorial, you need .htaccess. If you use the Yoast SEO plugin, you can edit the file from your admin area. But it’s always a good idea to use cPanel, from which you can backup the file before editing.

Now, I must mention that having the full backup of your WordPress website and its database is vital for safety. It’s possible that you can break your site with any wrong code placement.

Although there is nothing complicated, still it’s better to take precautions.

Let me show you the required steps.

Step 1:

As usual, you need to open your cPanel account and find the Files’ section, under which you can easily spot the file manager icon.

How to Block Hackers Using cPanel From Scanning Your Website's Authors

Depending on your web hosting service, you can notice a different layout.

You may already know that every almost every web hosting company uses a different design template for its cPanel. So, there is nothing to worry about.

All you need is to find out the file manager and click to open.

Step 2:

By default, it’s possible that you see the home directory. But you need to look at the public_html directory, where all the files and folder of the WordPress site are available.

How to Block Hackers Using cPanel From Scanning Your Website's Authors

You can accomplish it by clicking on public_html from the left-hand sidebar of cPanel.

Step 3:

Scroll down, and you can easily spot the .htaccess file. If you don’t see it, it means you need to update the cPanel settings.

How to Block Hackers Using cPanel From Scanning Your Website's Authors

Go to the top-right corner to click on the Settings’ button. A popup appears, from which you need to check the box to display hidden files.

You should know that .htaccess is a hidden file and a “dot” as the prefix is the sign.

Step 4:

If you still don’t see it. It’s because you host multiple websites on the same server. If you do, open the domain name folder and then search for .htaccess.

How to Block Hackers Using cPanel From Scanning Your Website's Authors

Find it and right-click to choose an edit option.

Step 5:

A popup appears to allow you disable encoding. But you don’t need to change anything. Click on the Edit button.

How to Block Hackers Using cPanel From Scanning Your Website's Authors

Step 6:

A new tab opens up in your web browser. It consists of all the coding files.

Note: If you’re scared, it’s better to backup the .htaccess file by double-clicking.

Now as you have seen the file, copy and paste the code shown below.

# Block Author Scans
RewriteEngineOn
RewriteBase /
RewriteCond%{QUERY_STRING} (author=d+) [NC]
RewriteRule .* - [F]

Make sure you add it before #End WordPress. Once you add it, click on the Save Changes button displaying at the top-right corner.

Congrats, from now onwards, no one will be able to scan authors of your WordPress website.

Isn’t That Easy to Disable Authors Scanning

Securing your WordPress website should be one of the most important goals. While running anything online, it’s essential to keep everything updated.

You may already know hackers always try to find the websites with any vulnerability. And you shouldn’t leave any on your site.

Conclusion

You may be wondering if any security plugin can accomplish such a task. Well, it depends, because there are many plugins in the market.

Even if you’re a non-techie person, editing the .htaccess file isn’t a big deal.

Check out these top 3 WordPress hosting services:

A2 Hosting
$2.99 /mo
Starting price
Visit A2 Hosting
Rating based on expert review
  • User Friendly
    4.5
  • Support
    4.0
  • Features
    4.5
  • Reliability
    4.8
  • Pricing
    4.0
Hostinger
$2.99 /mo
Starting price
Visit Hostinger
Rating based on expert review
  • User Friendly
    4.7
  • Support
    4.7
  • Features
    4.8
  • Reliability
    4.8
  • Pricing
    4.7
HostArmada
$2.49 /mo
Starting price
Visit HostArmada
Rating based on expert review
  • User Friendly
    4.5
  • Support
    4.5
  • Features
    4.5
  • Reliability
    4.5
  • Pricing
    4.0

How to Disable File Editing in the WordPress Admin Panel

This how-to guide explains to stop file editing from the WordPress admin panel t
3 min read
Arvind Singh
Arvind Singh
Hosting Expert

How to Block a Country from Your WordPress Website Using cPanel

This how-to guide explains the best possible way to block specific country users
3 min read
Arvind Singh
Arvind Singh
Hosting Expert

How to Stop Access to Sensitive Files of Your WordPress Website

This how-to guide explains to add another security layer to the sensitive files
3 min read
Arvind Singh
Arvind Singh
Hosting Expert

How to Disable the XML-RPC WordPress File Using cPanel

This how-to guide teaches you to disable the XML-RPC WordPress file to reduce th
3 min read
Arvind Singh
Arvind Singh
Hosting Expert
HostAdvice.com provides professional web hosting reviews fully independent of any other entity. Our reviews are unbiased, honest, and apply the same evaluation standards to all those reviewed. While monetary compensation is received from a few of the companies listed on this site, compensation of services and products have no influence on the direction or conclusions of our reviews. Nor does the compensation influence our rankings for certain host companies. This compensation covers account purchasing costs, testing costs and royalties paid to reviewers.
Click to go to the top of the page
Go To Top