03
Feb
2013

Restrict Access to wp-admin only from specific IPs

Posted in: WordPress Comments Off

For security reason, it is recommended to allow access to wp-admin from your IPs only.
wordpress
You can allow access to wp-admin from specific IPs or IP range using .htaccess file. This is simple and very useful security tip for wordpress site.

Step 1:

Create a .htaccess file in public_html/wp-admin folder.
If .htaccess file already exist, then simply add below codes.

Step 2:

Add following code in wp-admin/.htaccess file

<LIMIT GET>
order deny,allow
deny from all
allow from xx.xx.xx.xxx
allow from xx.xx.xx.xxx
</LIMIT>

In above code change xx.xx.xx.xxx to your actual IP. This will be the IPs who can access wp-admin.

If you are on a dynamic IP, you can allow an IP range.

<LIMIT GET>
order deny,allow
deny from all
allow from 122.44. # I am on a dynamic IP
</LIMIT>

Step 3:

After IP restriction, you may not be able to get login page and browser will show some error message like:
404 Error or Too many redirects error

The page isn’t redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

Solution:
Open .htaccess file located in public_html folder.
Add following code at the top:

ErrorDocument 401 default

Done!!
Enjoy a more secured WordPress site.

About the Author

Name: Ravi Shekhar
I love learning and sharing web stuffs.

Share this post

Twitter Facebook Google Buzz Digg StumbleUpon Delicious Technorati
Both comments and pings are currently closed.

Comments are closed.