1. Home
  2. Forums Index
  3. Search Engines and SEO / Google Search and SEO 6:53 pm May 22, 2026

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

How to Handle Google Authorization Errors for Wordpress

         

alika

2:16 pm on Apr 24, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I posted in the Global Wordpress Hack Underway [webmasterworld.com...] my problem of the sudden increase in authorization permission errors being reported in GWT.

The errors were of this form:

wp-login.php?redirect_to=http%3A%2F%2Fwww.DOMAIN.com%2FCATEGORY%2FPOSTNAME

The errors started a week after I introduced a password protection for extra layer of security for the site

I have removed the password protection in htaccess and deleted .htpasswd which I thought triggered the authorization permission errors. What that did was to halt the rise of the authorization permission errors. However, the errors simply remained constant - it did not increase but it also did not decrease. And yes, I keep getting messages in GWT about the authorization permission errors

Where else should I look at?

My robots.txt file currently has

User-agent: *
Disallow: /wp-admin/
Disallow: /wp-includes/
Disallow: /wp-content/plugins/

Should I add

Disallow: /wp-

to prevent Googlebot from accessing wp-login.php?

Note that:

- Wordpress has been installed since Jan 2012, and I've never had any authorization permission errors.
- WP-login.php is not linked anywhere on the site

This started April 1, and traffic has started to fall last week. Any direction you can point me to will be greatly appreciated.

tedster

1:53 am on Apr 25, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



No, I wouldn't just Disallow /wp- Although that would probably fix your immediate issue, it might disallow other files that you don't want to block, because it's a bit too open-ended for my taste and that could lead to unintended issues in the future.

Since you want to block crawling of /wp-login.php, why not Disallow exactly that?

alika

12:00 pm on Apr 26, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Thanks Tedster. We're seeing some very little progress even with the

Disallow /wp-

From 687 errors at its peak, we're down to 683 then 681. It seems like a slow climb down. But I'm hoping that the downward trend continues, albeit slow

Funny thing is even with Disallow: /wp-content/plugins/ , GWT includes URLs like this as one of the authorization permission errors:

wp-content/plugins/si-captcha-for-wordpress/si-captcha-admin.php

Given the constant attacks we've had since last year, we moved to a new webhost this year and are making sure that the server this time is properly configured and hardened. Once the migration is done this week, I'll revisit the robots.txt file again and simply do /wp-login.php disallow

alika

10:07 am on Jul 9, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I ended up doing a

Disallow: /wp-login.php

Google finally recognized that on 7/6 and access denied errors dropped. It took a while before GWT showed the drop in access denied, from the time it first started on 4/10.

Now the wait when the traffic I lost coinciding with the rise of access denied errors will come back up
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Search Engines and SEO / Google Search and SEO 6:53 pm May 22, 2026