Limit WP-Admin to Certain IPs

0 replies
  • |
It took me a little bit to figure out how I could do this so I thought I would share what I learned. I had a good security system put in place but my account kept getting locked because of brute force attacks. So I just allow my work and home IP addresses to access the WP-Admin, everyone else gets a 404 error.

All you need to do is access your .htaccess file, go to the very bottom and add this code:

ErrorDocument 401 /path-to-your-site/index.php?error=404
ErrorDocument 403 /path-to-your-site/index.php?error=404

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^IP Address One$
RewriteCond %{REMOTE_ADDR} !^IP Address Two$
RewriteCond %{REMOTE_ADDR} !^IP Address Three$
RewriteRule ^(.*)$ - [R=403,L]
Replace IP addresses with the ones you want, leave all other characters there. Replace path to your site with your site obviously. Save the file and upload it back to the server.

Done and done.
#ips #limit #wpadmin

Trending Topics