Step of enabling Protected Page:
1. To configure it, login to Sucuri Firewall Protection.
2. After that, go to the Protected Pages settings.
3. Add the page that you want to protect, such as "/wp-login.php" or "/admin".
4. Choose the type of authentication method you want and click on Protect Page.
5. Finally, done!
Note:
- Once the user successfully validates the access, the WAF will prompt the challenge again after
30 days except for the IP Restriction option.
- The validation is cookie-based, therefore if accessing from a different browser/device or if the
browser cookies are cleared, the Protected Page challenge will be prompted again. You can
also remove and re-add the Protected Page to force a revalidation for all users.
- The Password Protection option generates a random password, it’s not possible to customize it,
but you can request a new password at any time on the dashboard.
- If you add the root directory of the website (/) on Protected Page, it may disrupt the Let’s Encrypt
SSL issue and renew process.