Add Extra Security To Your WordPress Blog with AskApache Password Protect

For the past day or two, some readers had trouble accessing this blog. Instead of seeing the familiar blog home page, readers were greeted with a 403 forbidden warning saying they don’t have permission to access. The reason for this was I was testing out a new security plugin call AskApache Password Protect. This is an incredibly strong security plugin to protect your WordPress blog. However, it’s so strong that it can lock you and your readers out if you go crazy with the settings, which was what happen yesterday.

This plugin doesn’t control WordPress or mess with your database, instead it utilizes fast, tried-and-true built-in Security features to add multiple layers of security to your blog. This plugin is specifically designed and regularly updated specifically to stop automated and unskilled attackers attempts to exploit vulnerabilities on your blog resulting in a hacked site.

The power of this plugin is that it creates a virtual wall around your blog allowing it to stop attacks before they even reach your blog to deliver a malicious payload. In addition this plugin also has the capability to block spam with a resounding slap, saving CPU, Memory, and Database resources. Choose a username and password to protect your entire /wp-admin/ folder and login page. Forbid common exploits and attack patterns with Mod_Security, Mod_Rewrite, Mod_Alias and Apache’s tried-and-true Core Security features. This plugin requires the worlds #1 web server, Apache, and web host support for .htaccess files.


AskApache offers tons of options to lock down your WordPress blog. You can turn on any or all. However, you should turn on each feature one at a time and then see how it affects your blog. You should also ask your readers if they can access your blog after turning on a feature. I had a total of 12 features enable and while I was able to access everything, a small group of readers were locked out.

If you lock yourself out (which happened a few times to me) then you’ll need to FTP/SFTP/SSH into your blog and remove the code the plugin wrote in your blog’s .htacess file. It’s pretty simple to do and gets you instantly back in but I can imagine the look of horror on a locked out blog owner’s face if he didn’t read the plugin’s readme file.

While no amount of security can keep out a determined hacker, AskApache will stop most of the automated bot and SQL injection attacks. Having an extra layer of security never hurts. Just remember to not turn on everything all at once (unless you enjoy locking everyone, and yourself, out of your blog).

Thanks to Geeks Are Sexy for the heads up on this plugin.

AskApache Password Protect WordPress Plugin

40 thoughts on “Add Extra Security To Your WordPress Blog with AskApache Password Protect”

  1. Harshad says:

    With wordpress plugins things become so easy. I remember doing all this manually on my websites a few years ago.

    1. Abhik says:

      That’s still the best way IMHO.

      1. Catalin says:

        It sure is the best solution, but knowing how hosting has evolved nowadays, few bloggers actually have that much access, for them, it’s no point to reinvent the wheel as these kind of plugin are all they need.

    2. dotCOMreport says:

      WordPress plugins make membership sites even easier. Doing it manually might seem like the best way, but with a really good, quality WP plugin, why reinvent the wheel?

      1. Abhik says:

        Well, poorly coded plugins are always a security threat and vulnerable.

        1. Well, the key to that is to not use a poorly coded plugin. One can always look at the code before they install it.

          1. Harshad says:

            WordPress plugins are good because they save you lot of time. At times they can prove to be risky. The best way is to try them after doing some research. Monitoring the blog is important after installation of a plugin.

  2. Sonam Lama says:

    AskApache Password Protect is awesome. I love how it literally blocks the bots and creates a virtual force field for our blogs. I no longer have to worry too much about hackers stealing my password because i now have my own virtual body guards! haha

    Oh and I’ll be sure to not go crazy turning everything all at once, as I’m sure we all can agree that being locked out of your blog, which is like your second home is not fun.

    Cool post John.

  3. smbchamp says:

    That is nice.. But I am not sure if we all should be activating that as the plugin warns us that it might break other plugins. Also hacking is widely successful because of the security weakness at your host end. I am not saying that the WordPress flaws are not the reason. It is just one of the reasons.

    I know web hosts who deploy software firewalls. How can they skip a hardware firewall? They dont even take care to ensure proper security in the routers. All they look for is cheap hardware so that they can offer cheap plans

  4. Abhik says:

    Its a nice plugin indeed, but slows down your blog’s performance.

    1. Catalin says:

      I haven’t noticed any performance issues so far, nor any complaints about it. Have you experienced that?

  5. Hadn’t heard of it yet. Looks like it might be a good security plugin, but I’ll have to look into it more.

    By the way, how much money did you lose while your blog was down? lol

    1. Yes … that we would love to know …

      What was the amount of your loss for these two days.

  6. Donny Gamble says:

    The number of spammers and hackers are definitely on the rise. I always wake up in the morning with 100’s of spam orientated content. I will definitely give this plugin a whirl.

    1. Abhik says:

      This plugin has nothing to do with SPAM comments..
      Yes, you should use it if you are concerned about hacking.

      1. Harshad says:

        I think it can stop spam comments as well. This plugin can stop automated bots that post comments.

        1. For the spam comments I think Akismet is really doing great …

          this one will be helpful to you for the security purpose.

        2. Abhik says:

          Well, to filter SPAM comments, Akismet is the best.
          Many CMS script (including vBulletin) using akismet API to fight SPAM.

  7. fas says:

    Amazin John, it would be awesome if you can tell us how to use the settings.

    1. yeah I am also looking for some setting information ..

  8. Chris says:

    Thanks for the plug-in info… wouldn’t have found it without your blog!

  9. does it slow down the blog site?


    1. John Chow says:

      I have no noticed any slow down. In fact, it could speed up your blog since it stops those exploits before it has a chance to hit your blog. Once those exploits hits, they take up server resources and can really show you down.

      1. Have you noticed any drawback of this plugin yet …

  10. PPC Ian says:

    Thanks for sharing. This seems like an awesome plugin to add another layer of security to one’s blog!

    1. Yes certainly … blogger like John and Darren is always on target … so they must have these kind of extra safety.

      1. Abhik says:

        I am sure John already has plenty of security features installed on his server.

        1. NO ‘ZK @ Web Marketing Blog’ I think hackers are smart enough and thats why they mostly target bloggers who are in middle.

  11. Rahul says:

    i haven’t yet try it. but reading your post it seems very cool and i’m going to try it very soon. thanks for sharing, john.

    1. Catalin says:

      Let us know how it turned out for you, Rahul 🙂

  12. chris says:

    nice tip. could do with some extra security on my site. nice to know it doesnt slow things down as well

  13. Freerobin says:

    hi, nice article, but i don’t find that plugin 🙁

    1. Go to your WordPress admin dashboard and find it there. It still astounds me so few people know you can install plugins directly from your admin panel..

  14. Aah John we really missed you these two to three days.

    It was like some important thing in our life is missing.

  15. I think if you are getting some popularity amongst bloggers you should have the plugins like this.

  16. ikki says:

    great post, i think i should use this plugin

    1. Catalin says:

      If you have a good amount of audience and wanna stay safe, you sure should. Already on it haha

  17. Lucian says:

    Security plugins for wordpress are very popular these days. I’m using only security scanner

  18. ikki says:

    well, i installed askapache, great security plugin by the way

  19. Great post. I havent had any problem with security on my wordpress blogs but this is something that should definitely be considered.

Comments are closed.