Step of enabling Protected Page:

1.    To configure it, login to Sucuri Firewall Protection.

2.    After that, go to the Protected Pages settings.

3.    Add the page that you want to protect, such as "/wp-login.php" or "/admin".

4.    Choose the type of authentication method you want and click on Protect Page.

5.    Finally, done!


  • Once the user successfully validates the access, the WAF will prompt the challenge again after

          30 days except for the IP Restriction option.

  • The validation is cookie-based, therefore if accessing from a different browser/device or if the

           browser cookies are cleared, the Protected Page challenge will be prompted again. You can

           also remove and re-add the Protected Page to force a revalidation for all users.

  • The Password Protection option generates a random password, it’s not possible to customize it,

           but you can request a new password at any time on the dashboard.

  • If you add the root directory of the website (/) on Protected Page, it may disrupt the Let’s Encrypt

          SSL issue and renew process.