Home » Labs » How to protect WordPress admin login with .htaccess  

How to protect WordPress admin login with .htaccess


Filed under Labs

WordPress is popular opensource content management system and it have many security levels for protecting itself from hackers. But we knew many WordPress sites and blogs are hacked several times. In this post we are explaining how to protect WP admin access by limiting the access with .htaccess.

Before starting you need to took a copy of .htaccess file as backup, you can find it on your /wp-admin/ folder.

Do not edit your .htaccess file in root directory keep this file as it is, and edit the .htaccess file in /wp-admin/ folder. If there is no such file you need to create one with a notepad and name it as .htaccess. Then copy following code to .htaccess file.

 
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "WordPress Admin Access Control"
AuthType Basic
<LIMIT GET>
order deny,allow
deny from all
# whitelist Tom's IP address
allow from xx.xx.xx.xxx
# whitelist Loval's IP address
allow from xx.xx.xx.xxx
# whitelist Joseph's IP address
allow from xx.xx.xx.xxx
# whitelist Steve's IP address
allow from xx.xx.xx.xxx
# whitelist Office IP address
allow from xx.xx.xx.xxx
</LIMIT>

Don’t forgot to change ‘xx.xx.xx.xxx’ portion with related IPs.

Important: If you add above code then you can access Wp Admin folder from above IP’s. So do it carefully!

You can find your IP by visiting Vishmax IP Tracker

Posts you may like: