Restrict Access to wp-admin only from specific IPs
For security reason, it is recommended to allow access to wp-admin from your IPs only.
You can allow access to wp-admin from specific IPs or IP range using .htaccess file. This is simple and very useful security tip for wordpress site.
Create a .htaccess file in public_html/wp-admin folder.
If .htaccess file already exist, then simply add below codes.
Add following code in wp-admin/.htaccess file
<LIMIT GET> order deny,allow deny from all allow from xx.xx.xx.xxx allow from xx.xx.xx.xxx </LIMIT>
In above code change xx.xx.xx.xxx to your actual IP. This will be the IPs who can access wp-admin.
If you are on a dynamic IP, you can allow an IP range.
<LIMIT GET> order deny,allow deny from all allow from 122.44. # I am on a dynamic IP </LIMIT>
After IP restriction, you may not be able to get login page and browser will show some error message like:
404 Error or Too many redirects error
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
Open .htaccess file located in public_html folder.
Add following code at the top:
ErrorDocument 401 default
Enjoy a more secured WordPress site.