Improvements to .htpasswd for wp-admin

dlh01 · Sep 10, 2012 · e16ea02 · e16ea02
1 parent 13b40e0
commit e16ea02
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/wordpress/wp-admin/.htaccess b/wordpress/wp-admin/.htaccess
@@ -14,9 +14,15 @@
 
 # Optionally require a second username and password to access the Dashboard
 # http://blog.sucuri.net/2012/07/wordpress-and-server-hardening-taking-security-to-another-level.html
+# http://build.codepoet.com/2012/07/10/locking-down-wordpress/
 # learn more: http://httpd.apache.org/docs/2.2/howto/auth.html#gettingitworking
 
 # AuthUserFile /var/www/mysite/.htpasswd
 # AuthName "Restricted area"
 # AuthType Basic
-# require user myuser2
+# require valid-user
+# <Files admin-ajax.php>
+#   Order allow,deny
+#   Allow from all
+#   Satisfy any
+# <Files>