WP Login Password Protect


#1

Hi,

I have a wordpress website using EE and its PHP7 configuration. I tried to add a protection using http password on my wp-login page, but I can’t get it working.

My config are something like this :

location ^~ wp-login\.php$ {
    auth_basic "Authorization Required";
    auth_basic_user_file /var/www/.htpasswd;
    try_files $uri =404;
    fastcgi_pass php7;
    fastcgi_index  index.php;
    fastcgi_read_timeout 300;
    include fastcgi_params;
} 

I am not sure why, but nginx seems to ignore this config. Any help guys?


#2

Hello, the easiest way to proceed is to edit the file /etc/nginx/common/wpcommon-php7 and to add the line include common/acl.conf; in the section

location = /wp-login.php {
  limit_req zone=one burst=1 nodelay;
  include fastcgi_params;
  fastcgi_pass php7;
}

This way you can use the same login details than to access to phpmyadmin


#3

That should do the trick, but unfortunately nginx still bypass it…

Not sure, what went wrong though…

Note : yes, I already restart the stack after saving the new config.


#4

I have tried on my server and http login pop-up is displayed when I try to visit wp-login.php

location = /wp-login.php {
  limit_req zone=one burst=1 nodelay;
  include common/acl.conf;
  include fastcgi_params;
  fastcgi_pass php7;
}

You can try to run ee secure --auth to regenerate the htpasswd-ee file


#5

Does it, perhaps, because I am changing my login url into something like http://example.com/loginpage ??


#6

Yes, if you have changed your login url, it will not work.


#7