Restrict Access to wp-admin only from specific IPs

Posted in: WordPress Comments Off

For security reason, it is recommended to allow access to wp-admin from your IPs only.
You can allow access to wp-admin from specific IPs or IP range using .htaccess file. This is simple and very useful security tip for wordpress site.

Step 1:

Create a .htaccess file in public_html/wp-admin folder.
If .htaccess file already exist, then simply add below codes.

Step 2:

Add following code in wp-admin/.htaccess file

order deny,allow
deny from all
allow from xx.xx.xx.xxx
allow from xx.xx.xx.xxx

In above code change xx.xx.xx.xxx to your actual IP. This will be the IPs who can access wp-admin.

If you are on a dynamic IP, you can allow an IP range.

order deny,allow
deny from all
allow from 122.44. # I am on a dynamic IP

Step 3:

After IP restriction, you may not be able to get login page and browser will show some error message like:
404 Error or Too many redirects error

The page isn’t redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

Open .htaccess file located in public_html folder.
Add following code at the top:

ErrorDocument 401 default

Enjoy a more secured WordPress site.

About the Author

Name: Ravi Shekhar
I love learning and sharing web stuffs.

Share this post

Twitter Facebook Google Buzz Digg StumbleUpon Delicious Technorati
Both comments and pings are currently closed.

Comments are closed.