6 years ago (2015-06-16)  computer technology |   First to comment  10 
post score 0 times, average 0.0

Do not know why, Wang Boyuan’s blog has been frequently attacked by malicious logins in the past two days. On a night or so day, guests have received up to 100 login error notification emails sent by the system. This has caused extreme guest distress.For this reason, the extreme guests thought of using htaccess+.htpasswd to set the website directory and file access password to protect the key files and directories related to the website login, so that malicious login would not be so rampant, which added double insurance for website security.For more website security protection methods, please refer to 12 ways to strengthen the security of WordPress website. Of course, these methods are not just for wordpress.

Protect directory

Create a new htaccess file in the directory where you want to set password access. Add the statement:

Note that the AuthUserFile is followed by the path to the .htpasswd file. This path is the absolute path given to you by the host, not the path to your domain name.The user name and password are recorded in the .htpasswd file, but these user names and passwords are encrypted, non-plaintext passwords. The password is stored in the following format: User name: Password How to generate the htpasswd password Please visit: http://tool.oschina.net/htpasswd htpasswd is generated online [ /caption] Copy the generated result in a file named ".htpasswd" and place it in the root directory of the website.Note that the path to the .htpasswd file is followed by AuthUserFile.

Password protection website file

As you can see, the method is similar to protecting a directory. As for the setting of restricting IP access to specified files, you can refer to the 12 ways to strengthen the security of WordPress website.

Effect preview

[caption id="attachment_1290" align="aligncenter" width="361"] htpasswdSet password protected directory


This article has been printed on copyright and is protected by copyright laws. It must not be reproduced without permission.If you need to reprint, please contact the author or visit the copyright to obtain the authorization. If you feel that this article is useful to you, you can click the "Sponsoring Author" below to call the author!

Reprinted Note Source: Baiyuan's Blog>>https://wangbaiyuan.cn/en/htpasswd-set-site-directory-file-passwords-2.html

Post comment


No Comment


Forget password?