Copy the following program to "wordpress-apache-password.php" within your "wp-content/plugins/" folder.
<?php
/*
Plugin Name: Apache Password
Plugin URI: http://www.seoegghead.com/software/wordpress-admin-password-generator.seo
Description: Generate htpassword for wp-admin.
Author: SEO Egghead
Version: 1.1 for WP 2.x
Author URI: http://www.seoegghead.com/
*/
add_option('Apache_Password_username', '');
add_option('Apache_Password_suffix', rand(0, 10000));
add_action('admin_menu', 'Apache_Password_admin_menu');
//modified from sociable plugin - http://yoast.com/wordpress/sociable/
add_filter( 'plugin_action_links', 'Apache_Password_filter_plugin_actions', 10, 2 );
function Apache_Password_filter_plugin_actions( $links, $file ){
//Static so we don't call plugin_basename on every plugin row.
static $this_plugin;
if ( ! $this_plugin ) $this_plugin = plugin_basename(__FILE__);
if ( $file == $this_plugin ){
$settings_link = '<a href="options-general.php?page=Apache_Password">Settings</a>';
array_unshift( $links, $settings_link ); // before other links
}
return $links;
}
function Apache_Password_rand_salt_crypt($pass)
{
$salt = "";
mt_srand((double)microtime()*1000000);
for ($i=0; $i<CRYPT_SALT_LENGTH; $i++)
$salt .= substr("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./", mt_rand() & 63, 1);
return crypt($pass, $salt);
}
function Apache_Password_admin_menu() {
add_submenu_page('options-general.php', 'Apache Password', 'Apache Password', 8, 'Apache_Password', 'Apache_Password_submenu');
}
function Apache_Password_submenu(){
if (!function_exists('file_put_contents')) {
function file_put_contents($filename, $data) {
$f = @fopen($filename, 'w');
if (!$f) {
return false;
} else {
$bytes = fwrite($f, $data);
fclose($f);
return $bytes;
}
}
}
$file_name = '.htpasswd_' . get_option('Apache_Password_suffix');
$htpassword_path = ABSPATH . 'wp-admin/.htpasswd_' . get_option('Apache_Password_suffix') ;
$username = get_option('Apache_Password_username');
$htacccess_content=<<<ENDHERE
<Files ~ "(\.(php))|^$$">
AuthUserFile $htpassword_path
AuthGroupFile /dev/null
AuthType Basic
AuthName "Protected"
<LIMIT GET PUT POST>
require user $username
</LIMIT>
</Files>
ENDHERE;
if($_REQUEST['create_htpass']){
$password = trim($_REQUEST['password']);
$username = trim($_REQUEST['username']);
update_option('Apache_Password_username', $username);
if(file_exists($htpassword_path)){
echo '<br />
<div class="updated fade">
<p>htpasswd file already exists, please modify file manually to change password.</p>
</div>';
}
elseif(preg_match('#^[a-z0-9]+$#i',$password) && preg_match('#^[a-z0-9]+$#i', $username)){
$htpassword_content = $username . ':' . Apache_Password_rand_salt_crypt($password);
if(@fopen($htpassword_path, 'w') && file_put_contents($htpassword_path, $htpassword_content)){
echo '<br />
<div class="updated fade">
<p>htpassword file sucessfully created.</p>
</div>';
}
else{
echo '<br />
<div class="updated fade">
<p>Unable to create file , create file ' .$file_name
. ' and place this line in it:<br /><b>' . $htpassword_content . '</b></p>
</div>';
}
}else {
echo '<br />
<div class="updated fade">
<p>Incorrect username or password, please try again.</p>
</div>';
}
}
elseif($_REQUEST['create_htaccess']){
$htaccess_path = ABSPATH . 'wp-admin/.htaccess';
if(!file_exists($htpassword_path) ){
echo '<br />
<div class="updated fade">
<p>No .htpassword file found, please complete step 1 first.</p>
</div>';
}elseif(file_exists($htaccess_path) ){
echo '<br />
<div class="updated fade">
<p>.htaccess already created, add this to .htaccess file:</p>'
. '<textarea readonly cols="45" rows="12" onclick="this.select();">' . htmlentities($htacccess_content) . '</textarea>'
.'</div>';
}else{
if($htaccess_file_handle = @fopen($htaccess_path, 'w')) {
if(file_put_contents($htaccess_path, $htacccess_content) ===false){
echo '<br />
<div class="updated fade">
<p>File created, unable to write to file, add this to .htaccess file:</p>
<textarea readonly cols="45" rows="12" onclick="this.select();">' . htmlentities($htacccess_content) . '</textarea>
</div> ';
}else{
echo '<br />
<div class="updated fade">
<p>File created, Finished</p>
</div>';
}
fclose($htaccess_file_handle);
}else{
echo '<br />
<div class="updated fade">
<p>Unable to create file, create and add this to htaccess file:</p>
<textarea readonly cols="45" rows="12" onclick="this.select();">' . htmlentities($htacccess_content) . '</textarea>
</div> ';
}
}
}
global $current_user;
get_currentuserinfo();
?>
<div class="wrap">
<h2>Generate Password:</h2>
<h3>Step 1: Generate htpassword file for wp-admin folder</h3>
<form name="generate-htpassword" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
Enter Username and Password for htpassword file. Both must consist of alphanumeric characters only.<br /><br />
<table><tr><td valign="top">
Username: </td><td ><input type="text" value="<?php echo (get_option('Apache_Password_username')) ? Apache_Password_clean_field(get_option('Apache_Password_username')) : $current_user->user_login?>" name="username" size="10"><br /><br />
</td></tr><tr><td valign="top">
Password: </td><td><input type="text" name="password" size="10"><br /><br />
</td></tr></table>
<input type="submit" name="create_htpass" value="Generate htpassword">
</form>
<h3>Step 2: Add htaccess file </h3>
<form name="Generate-htaccess" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
<input type="submit" name="create_htaccess" value="Generate htaccess">
</form>
<?php
show_Apache_Password_plugin_link();
echo '</div>';
}
function Apache_Password_clean_field($txt){
return htmlspecialchars(stripslashes($txt));
}
function show_Apache_Password_plugin_link() {
?>
<div style="float:right; position:relative; top:-60px;">
<a href="http://www.seoegghead.com/software/wordpress-password-generator.seo"
style="text-decoration:none;" target="_blank">
<?php
if(preg_match('#MSIE#', $_SERVER['HTTP_USER_AGENT']) == 0) {
?>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAHgAAAAUCAMAAA
BxjAnBAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAADBQTFRFz6Ol
opmRs21w48/P+Pb218bF9Orr6OTit7CpqVpdqaGZrmJlvYCD0ry769vc////wFM5SwAAAB
B0Uk5T////////////////////AOAjXRkAAAJLSURBVHjatFXtDiMhCERF3Q/R93/bGxDX
Xu5Pr2lJNk7pVHQYujS+FImov09Ng75VmM4zvU+V7xVu583vU7sVZo/CG7+kDRcL27qs4J
VWfJ+N/+GMzdi7cAQVhfm4PEJlcXjUkVf64CHxtogySnN8N64Ppn6erc10Gd3zERQn3DGN
ZIQGKq5LQ8ITnB+Y6073dK5oTBtDsxWUH3gmXGlF33nytFIFhfkKV68avSpOQDhLwhmk9t
6vECoKUEpJtHA8bwFWg5T7jHlifZSSsXnBORtwArWWZIEdREUBvYAK/1MJ4bC6aAhumRkQ
ResRLusW1oKmDJxBj1pMJ3OmCiET36Wdkadxon1XwNcc6+G76tTFfT+ptCWVkVAwGb7qFQ
5lQYRDm1JdRhTPy8Tz6EPNUvVsaqpoHbh5dqEVW+e5QC9KuY1KnK+nxTKfoCLg8rqTrmkW
xAZ/FfOjDxWhuxC2RuuI0oXcGTNldKfSGhuVVh8PXNz+iHS1Yj4Ubf+a/ZaquLgQKqd1w8
cIxSrGFHqR33Q4lbIHJIWsQeYn9fqBVWA3lauRBWNcb6ymOAootnO5jNregu/ipCfQDWIH
1c2wWk6Ze2oSP/CApx78Mh3McxXzj7cdLa0uo8qpV/KQsoes7Jk0Kh0rEvR98CjiMDMG3w
MKioFqhqWJo3qoWYtt9TyiD1mw8U7Psfjoj5m9X2Ob5b9fKp+9A1+KiU/zbwvn6ZqozpQH
958X3j6Ly2c2pj8vXB5/VLyCFi7j9zeWGQSvF/IP6ZMLjz8CDACmemOuUH7ZzQAAAABJRU
5ErkJggg==" />
<?php
}
?>
<br />
<small>Click here for plugin documentation.</small>
</a>
<br />
<small>Got Questions or Feedback?
<a style="text-decoration:none;"
href=
"http://www.seoegghead.com/about/contact-us.seo?
subject=Apache+Password+Feedback"
target="_blank">
Click here.
</a>
</small>
<br />
<small>By using this plugin you agree to
<a style="text-decoration:none;"
href="http://www.seoegghead.com/software/free-software-disclaimer.seo"
target="_blank">
this simple disclaimer.
</a>
</small>
</div>
<?php
}
