Does Hestia has directory privacy option on panel. I would like to add password for my wordpress website’s wp-admin page. I will add extra step via page password. Many fake user trying login attempt. captcha etc. does not recognize them as bot.
Example;
Configure a wordpress jail in fail2ban.
Use a wp-plugin for that.
Configure password access via apache2
Configure only route to wp-admin to connections from a list of IPS. Maybe get a fixed IP via proxy and then only access there vien proxy.
You would need to add a new customized site template in your HestiaCP that defines the access restrictions you want.
A fail2ban jail, as already suggested, is also a good idea.
I use extension to block users’s ip adress. but they use different ip adresses. They pass captcha, hcaptcha etc.
I put 2AD but they find which user is active user via 2AD. I would like to protect the page by adding password. This will provide second barrier before access to wordpress system. Fixed ip adress is not suitable at the moment becuase it requires payment.
May be I can try SSO via Facebook.
You could also learn how to write access restrictions in nginx configs and make new hosting templates like I suggested.
¯\(ツ)/¯
You can protect a directory as shown in this link. https://www.studytonight.com/post/using-htaccess-file-to-password-protect-your-website-or-any-directory
Place the .htpasswd file in home/web/your-domain.com/private/
I protected a directory in HestiaCP this way. Let me know if you need any further help.
I have been giving it a thought.
you may configure .htpassword
try this old wp plugin: WordPress .htpasswd Generator – WordPress plugin | WordPress.org
I also saw an Oauth solution that syncs with wp users… The thing is that if the wp install fails, the Oauth server is down and then you can’t auth to visit /wp-admin
I would love to have an extra security feature such as this one. So that users defined in the WP panel or the control panel can only access the wp-admin section