Includes free SSL certificate, unlimited bandwidth & fully optimised for WordPress.
Fully PCI-DSS compliant hosting, backups every 4 hours & free DDoS protection.
Unlimited bandwidth, WHM & cPanel control panel & fully white label.
Great value domain names available.
Create a professional looking website in minutes. Over 190 templates.
Speed up the delivery of your site.
Beautifully Simple. Massively Configurable. Scales from 1 VPS cloud, all the way up to a load balanced cluster.
Fully managed, high-spec dedicated servers deployed on our gigabit network, backed by our superior 24/7 UK support.
For our clients only. Open a ticket you can track and reply to.
Instantly talk to one of our support team, we're here to help.
Talk to us: 020 8050 1337 (Monday–Friday 9am – 8pm)
Business plans have access to 24/7 emergency phone support.
Search our extensive archive of guides to help you with your hosting account.
or go directly to our support site:
Content Management Systems (CMSs) like WordPress are under constant attack from the internet. Criminals will persist in trying to guess your passwords, so it's very important to take steps to protect your website as much as possible. One such step is to apply an extra level of security around your website's login page.
The example below is based on WordPress, but could as easily be applied to Joomla, Drupal and many more popular web applications, inlcuding ecommerce or forums etc.
This guide assumes a reasonable level of skill in using the FileManager within cpanel to locate, create, and edit files. Either that, or you should be able to edit files locally on your computer, and then be able to upload them using FTP/SFTP.
Step 1 - Create the encrypted password
Open your favourite web browser and go to http://www.askapache.com/online-tools/htpasswd-generator/
Username for logging in : enter the preferred username here (no spaces!) Password for the : enter a strong password here (8 chars minimum including numbers, upper and lower case and symbols) Realm or Popup Name : Just enter a title for the popup security notice Encryption Algorithm : md5 Authentication Scheme : Basic
Click the Generate HTPASSWD button.
This will produce some output, including the MD5 Algorithm, as shown. Now, copy the contents of the text box into the clipboard.
Step 2 - Create the password file in your cPanel account
Create a file named .passwd in the root of your home directory. i.e. the directory above public_html/
Now, edit that file and paste in the clipboard from Step 1. The contents of your .passwd file should now look like this:
Now save the file. That was easy wasn't it!
Step 3 - Modify/create a .htaccess file
Now that we have created our .passwd file, we now need to tell the webserver which files it should protect. To do this we must edit, or create a .htaccess file in your public_html/ directory. Depending on your WordPress settings, you may already have a .htaccess file here. If you don't, then create one using FileManager.
Add the following to the top of .htaccess
AuthName "Authorized Only"
ErrorDocument 401 default
Replace username, above with your cPanel username. Once, you have finished, then save the file.
That's it! Next time you try to login to your WordPress site the web server will ask you to enter the username and password. Better yet, if this is entered incorrectly more than a handful of times within a few minutes, then we will automatically block the IP address, meaning that the attacker hasn't even loaded the WordPress login page at all.