Password Protect wp-login.php from bruteforce attacking.

Step1: Create a file under your project/site directory named with .htpasswd


Step2: Write down the username and encrypted password to the file .htpasswd. Like bellow


[note: password can be generated from here]

Step3: Put the bellow codes into your .htaccess file

ErrorDocument 401 "Unauthorized Access"
ErrorDocument 403 "Forbidden"
<FilesMatch "wp-login.php">
AuthName "Authorized Only"
AuthType Basic
AuthUserFile /home/cpanel-user-name/public_html/
require valid-user