Welcome to WebmasterWorld Guest from

Message Too Old, No Replies

How to Handle Google Authorization Errors for Wordpress



2:16 pm on Apr 24, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

I posted in the Global Wordpress Hack Underway [webmasterworld.com...] my problem of the sudden increase in authorization permission errors being reported in GWT.

The errors were of this form:


The errors started a week after I introduced a password protection for extra layer of security for the site

I have removed the password protection in htaccess and deleted .htpasswd which I thought triggered the authorization permission errors. What that did was to halt the rise of the authorization permission errors. However, the errors simply remained constant - it did not increase but it also did not decrease. And yes, I keep getting messages in GWT about the authorization permission errors

Where else should I look at?

My robots.txt file currently has

User-agent: *
Disallow: /wp-admin/
Disallow: /wp-includes/
Disallow: /wp-content/plugins/

Should I add

Disallow: /wp-

to prevent Googlebot from accessing wp-login.php?

Note that:

- Wordpress has been installed since Jan 2012, and I've never had any authorization permission errors.
- WP-login.php is not linked anywhere on the site

This started April 1, and traffic has started to fall last week. Any direction you can point me to will be greatly appreciated.


1:53 am on Apr 25, 2013 (gmt 0)

WebmasterWorld Senior Member tedster is a WebmasterWorld Top Contributor of All Time 10+ Year Member

No, I wouldn't just Disallow /wp- Although that would probably fix your immediate issue, it might disallow other files that you don't want to block, because it's a bit too open-ended for my taste and that could lead to unintended issues in the future.

Since you want to block crawling of /wp-login.php, why not Disallow exactly that?


12:00 pm on Apr 26, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

Thanks Tedster. We're seeing some very little progress even with the

Disallow /wp-

From 687 errors at its peak, we're down to 683 then 681. It seems like a slow climb down. But I'm hoping that the downward trend continues, albeit slow

Funny thing is even with Disallow: /wp-content/plugins/ , GWT includes URLs like this as one of the authorization permission errors:


Given the constant attacks we've had since last year, we moved to a new webhost this year and are making sure that the server this time is properly configured and hardened. Once the migration is done this week, I'll revisit the robots.txt file again and simply do /wp-login.php disallow


10:07 am on Jul 9, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

I ended up doing a

Disallow: /wp-login.php

Google finally recognized that on 7/6 and access denied errors dropped. It took a while before GWT showed the drop in access denied, from the time it first started on 4/10.

Now the wait when the traffic I lost coinciding with the rise of access denied errors will come back up

Featured Threads

Hot Threads This Week

Hot Threads This Month