Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

too many requests - Wordpress mod-rewrite

Discussion in 'General Discussion' started by dsca, Feb 19, 2017.

Tags:
  1. dsca

    dsca Registered

    Joined:
    Feb 19, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Germany
    cPanel Access Level:
    Website Owner
    Hi,

    in refer to this thread:
    Too many redirects on Wordpress

    I have the problem that i want to install the htaccess protection for my wordpress blog.
    So i want to protect the /wp-admin directory and the wp-login.php (both!)
    I modified the htacces with:

    <Files wp-login.php>
    AuthType Basic
    AuthName "My Protected Area"
    AuthUserFile /home/public_html/passwd
    Require valid-user
    </Files>

    But the problem is, that i get the "too many requests" - message and the protection is not working...

    the default mod rewrite is this.
    I have no idea how i modify this code, mod-rewrite is stupid and complicated...

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

    has anybody ideas?

    Thanks
    dsca
     

    Attached Files:

  2. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    599
    Likes Received:
    92
    Trophy Points:
    153
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    This usually means the location to the auth file is incorrect and judging by what you have there, it most likely is:

    Code:
    /home/public_html/passwd
    That should look like this:

    Code:
    /home/user/public_html/passwd
    or are you trying to add protection for your entire server?

    Try using this via SSH, it will do everything for you, just make sure to remove the current rules you put in .htaccess:

    Code:
    #Add .htaccess protection to a WP install.
    for user in CHANGEME ; do p4ssw0rd=$(tr -dc A-Za-z0-9_ < /dev/urandom | head -c 12 | xargs) ; /usr/local/apache/bin/htpasswd -b -c /home/$user/.htaccesspasswd $user $p4ssw0rd ; echo "Username: $user" ; echo "Password: $p4ssw0rd" ;
    
    cat <<EOT >> /home/$user/public_html/.htaccess
    
    # Popup login protection for WordPress admin
    # You can change the password in the /home/$user/.htaccesspasswd file.
    # To create a new login, you can use this site: http://www.htaccesstools.com/htpasswd-generator/
    
    <FilesMatch "wp-login.php">
    AuthType Basic
    AuthName "Secure Area"
    AuthUserFile "/home/$user/.htaccesspasswd"
    require valid-user
    </FilesMatch>
    ErrorDocument 401 default
    
    # End of popup login protection
    EOT
    done
    Make sure to change CHANGEME with the cPanel username.
     
    cPanelMichael likes this.
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Let us know if you have any additional questions after reviewing the previous post.

    Thanks!
     
  4. dsca

    dsca Registered

    Joined:
    Feb 19, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Germany
    cPanel Access Level:
    Website Owner
    i have no access to ssh-console... =(
    the path to htpasswd is correct.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You may want to reach out to your web hosting provider to verify no server-level settings are resulting in the error message you are facing. Otherwise, you could make changes to the .htaccess file via File Manager or FTP.

    Thanks!
     
Loading...

Share This Page