Step of enabling Protected Page:


1.    To configure it, login to Sucuri Firewall Protection.



2.    After that, go to the Protected Pages settings.



3.    Add the page that you want to protect, such as "/wp-login.php" or "/admin".



4.    Choose the type of authentication method you want and click on Protect Page.



5.    Finally, done!



Note:

  • Once the user successfully validates the access, the WAF will prompt the challenge again after

          30 days except for the IP Restriction option.


  • The validation is cookie-based, therefore if accessing from a different browser/device or if the

           browser cookies are cleared, the Protected Page challenge will be prompted again. You can

           also remove and re-add the Protected Page to force a revalidation for all users.


  • The Password Protection option generates a random password, it’s not possible to customize it,

           but you can request a new password at any time on the dashboard.


  • If you add the root directory of the website (/) on Protected Page, it may disrupt the Let’s Encrypt

          SSL issue and renew process.