How to Edit Permissions for Files to Protect wp-admin Login Page?

Keywords: WordPress - Google Cloud Platform - How to - Permissions

Description:
Hello everyone,

I am trying to password protect my wp-admin login page so I followed this guide: Password-protect access to an application with Apache. I was able to do this step in the SSH - sudo /opt/bitnami/apache2/bin/htpasswd -cb /opt/bitnami/apache2/wordpress_users MyUsername MyStrongPassword.

When I tried to edit the /opt/bitnami/apache2/conf/vhosts/wordpress-vhost.conf I got the following error:

Error: /opt/bitnami/apache/conf/vhosts/wordpress-vhost.conf: open for write: permission denied
Error: File transfer failed

So, I tried to edit the permission by following this guide:

https://docs.bitnami.com/general/apps/wordpress/administration/understand-file-permissions/
https://www.youtube.com/watch?v=nKfle7O0vN8&list=PLGgVZHi3XQNn4x0DU7Qj1r_inej3xEUda

As shown in the video, I changed the path to this

sudo chown -R bitnami:daemon /opt/bitnami/apache/conf/vhosts/wordpress-https-vhost.conf
sudo find /opt/bitnami/apache/conf/vhosts/wordpress-https-vhost.conf -type d -exec chmod 775 {} ;
sudo find /opt/bitnami/apache/conf/vhosts/wordpress-https-vhost.conf -type f -exec chmod 664 {} ;

sudo find /opt/bitnami/apache/conf/vhosts/wordpress-vhost.conf -type f -exec chmod 775 {} ;

Since that’s the file I want to edit and reupload via SFTP.

But I got the same error again in FileZilla

Error: /opt/bitnami/apache/conf/vhosts/wordpress-vhost.conf: open for write: permission denied
Error: File transfer failed

I didn’t touch the wp-config file because I’m not trying to change any file there. And I’m being careful not to break my site.

Don’t know if that’s what I’m supposed to do though.

So, how do I edit the file permissions successfully to be able to edit this particular file AND ANY file that I want in the future?

Also, how do I revert the file permissions I’ve changed above to their defaults so as not to make my site vulnerable?

Thanks in advance for your help.

I didn’t watch all the videos, but the instructions look like they’re for password protecting the entire app / site…

You may just need to do something like this, keeping in mind you’ll have to look at the user permissions as the app runs using a different name than bitnami:
https://www.labnol.org/code/19247-password-protect-wordpress-admin

May work, may not - I’m not an expert on the subject but familiar. Proceed carefully, and backup!

@kboddy thank you for the suggestion. I followed it carefully and even tweaked it a bit after the original steps didn’t work, e.g. the command $ mkdir ... gave command not found error until I removed the dollar $ sign, then run the command again. After an hour plus of trying I gave up. Didn’t work. But I’ll keep searching.

I appreciate your help, thank you.

Oh… You’re really not familiar with linux are you. Be really careful then if this is any type of production server (though it sounds like you’re just getting setup). $ is the prompt.

Yes, I’m new to learning Linux. You’re right, just getting setup.

Hi @taiwodare,

I suggest you use the terminal to edit the files. You will just need to run this command

sudo nano /PATH/TO/THE/FILE

https://docs.bitnami.com/google/faq/get-started/connect-ssh/
https://www.howtogeek.com/howto/42980/the-beginners-guide-to-nano-the-linux-command-line-text-editor/

You shouldn’t be editing the permissions configuration of the configuration files and giving the daemon group permissions to edit the file is not a good idea. Please reset the permissions of those files

sudo chown bitnami:root /opt/bitnami/apache/conf/vhosts/wordpress*.conf
sudo chmod 664 /opt/bitnami/apache/conf/vhosts/wordpress*.conf

Thanks for your response.

I have reset the file permissions for the files.

So, after a bit of digging, I found this thread and tried the steps again.

But now, instead of the wp-admin page to be password protected, the whole site is being protected.

What did I do wrong please?

I want just the login page wp-admin page to be protected, not the whole site.

Thanks for your help.

@jota Is there any help you can render concerning this please?

Hi @taiwodare ,

You need to use a custom Directory or Location block that allows you password-protect the wp-admin page only, not the whole WordPress application. Please note that this is not a Bitnami-related question but an Apache’s and WordPress’ one. We suggest you check similar cases in this forum or in the WordPress’ forum as well as reviewing the Apache’s documentation to know how to perform this change.

We will keep this ticket open in case any other Bitnami user configured the application the same way you want so he can post the info about how he did it.

@jota OK, thank you. I’ll keep looking for a solution too and write back to this thread.

Hi @jota

Unfortunately, I haven’t found a working solution for this issue. But I’ll keep trying.

A temporary solution I used was changing the wp-admin url to a custom and unique one.

The old wp-login.php file in the root directory was not downloaded. I viewed/edited it within the SFTP directory using a notepad and then find and replace every instance of wp-login to my-unique-url then save, closed it and it got automatically reuploaded to the server.

Then I renamed the wp-login.php to my-unique-url.php and that’s it. So, when I tried accessing mydomain.com/wp-admin I got the Oops! That page can't be found error. But mydomain.com/my-unique-url.php allowed me to log in to the admin area.

After doing this, the Wordfence pro plugin stopped recording brute force attack reports.