{"id":677,"date":"2013-04-12T22:27:26","date_gmt":"2013-04-12T15:27:26","guid":{"rendered":"http:\/\/whplus.com\/blog\/?p=677"},"modified":"2013-04-12T22:38:49","modified_gmt":"2013-04-12T15:38:49","slug":"mengamankan-wp-login-php-dari-akses-illegal","status":"publish","type":"post","link":"https:\/\/www.whplus.com\/blog\/2013\/04\/12\/mengamankan-wp-login-php-dari-akses-illegal.html","title":{"rendered":"Mengamankan wp-login.php dari akses illegal"},"content":{"rendered":"<p>Saat ini sedang terjadi serangan yang ditujukan ke script blog wordpress untuk mendapatkan akses login. untuk mencegah hal-hal yang tidak diinginkan silakan lakukan pengamanan <code>wp-login.php<\/code> dengan salah satu metoda di bawah ini:<\/p>\n<p>1. Install plugin <strong>captcha<\/strong> dan aktifkan untuk semua akses login wordpress anda<br \/>\n2. Pasang password protect untuk file <code>wp-login.php<\/code> dengan cara sbb:<\/p>\n<ol>\n<li type=\"a\">buat file .wpadmin, simpan dan letakkan di <code>\/home\/user\/.wpadmin<\/code> (catatan: user di sini adalah username akun cpanel anda),<\/li>\n<li type=\"a\">buat username dan password terenkripsi melalui <a href=\"http:\/\/www.htaccesstools.com\/htpasswd-generator\/\" target=\"_blank\">http:\/\/www.htaccesstools.com\/htpasswd-generator<\/a> (catatan: username di sini adalah username untuk akses file wp-login.php, bukan akses ke admin wordpress maupun akun cpanel),<\/li>\n<li type=\"a\">copy hasil username dan password yg terenkripsi dari langkah b (misal <code>john:n5MfEoHOIQkKg<\/code>) di file <code>\/home\/user\/.wpadmin<\/code>,<\/li>\n<li type=\"a\">buka file <code>\/home\/user\/.htaccess<\/code> dan copy paste field berikut:<\/li>\n<blockquote><p><span style=\"color: #008000;\">ErrorDocument 401 &#8220;Unauthorized Access&#8221;<\/span><br \/>\n<span style=\"color: #008000;\"> ErrorDocument 403 &#8220;Forbidden&#8221;<\/span><br \/>\n<span style=\"color: #008000;\"> &lt;FilesMatch &#8220;wp-login.php&#8221;&gt;<\/span><br \/>\n<span style=\"color: #008000;\"> AuthName &#8220;Authorized Only&#8221;<\/span><br \/>\n<span style=\"color: #008000;\"> AuthType Basic<\/span><br \/>\n<span style=\"color: #008000;\"> AuthUserFile \/home\/user\/.wpadmin<\/span><br \/>\n<span style=\"color: #008000;\"> require valid-user<\/span><br \/>\n<span style=\"color: #008000;\"> &lt;\/FilesMatch&gt;<\/span><\/p><\/blockquote>\n<\/ol>\n<p><!--more--><br \/>\n3. Pasang kode di bawah ini ke file <code>\/home\/user\/public_html\/.htaccess<\/code><\/p>\n<blockquote><p><span style=\"color: #008000;\">&lt;Files ~ &#8220;^wp-login.php&#8221;&gt;<\/span><br \/>\n<span style=\"color: #008000;\"> Order deny,allow<\/span><br \/>\n<span style=\"color: #008000;\"> Deny from all<\/span><br \/>\n<span style=\"color: #008000;\"> Allow from <span style=\"color: #ff0000;\">x.x.x.x<\/span><\/span><br \/>\n<span style=\"color: #008000;\"> &lt;\/Files&gt;<\/span><\/p><\/blockquote>\n<p>Ganti x.x.x.x dengan ip anda<br \/>\nAnda bisa klik <a href=\"http:\/\/whplus.com\/myip.php\">http:\/\/whplus.com\/myip.php<\/a> untuk mengetahui alamat ip yang sedang anda gunakan.<\/p>\n<p>Anda cukup pilih salah satu dari metoda di atas. Silakan email ke support bila anda membutuhkan bantuan kami terkait hal ini. Semoga bermanfaat.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Saat ini sedang terjadi serangan yang ditujukan ke script blog wordpress untuk mendapatkan akses login. untuk mencegah hal-hal yang tidak diinginkan silakan lakukan pengamanan wp-login.php dengan salah satu metoda di bawah ini: 1. Install plugin captcha dan aktifkan untuk semua akses login wordpress anda 2. Pasang password protect untuk file wp-login.php dengan cara sbb: buat\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.whplus.com\/blog\/2013\/04\/12\/mengamankan-wp-login-php-dari-akses-illegal.html\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-677","post","type-post","status-publish","format-standard","hentry","category-tutorial"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/posts\/677","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/comments?post=677"}],"version-history":[{"count":8,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/posts\/677\/revisions"}],"predecessor-version":[{"id":685,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/posts\/677\/revisions\/685"}],"wp:attachment":[{"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/media?parent=677"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/categories?post=677"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/tags?post=677"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}