Skip to main content

How to protect your wordpress admin page

There are several plugins that do the job but they actually put load and can create conflicts in your wordpress website.

“We find that the best, with less strain or website conflicts and most secure way of protecting your website is by restricting the admin access by means of IP and using server files instead of website plugins.”

How to achieve this?

Basically you need root access to your website and edit 2 files:

    1. located inside the root “/”of your wordpress website, search to edit or create a file named:

.htaccess

You will probably already have a file created in your root if you activated your wordpress SEF (search engine friendly links) in the admin backend. The function to use permalinks SEF is located in Settings -> Permalinks. The most common or best option is to use:

Post Name Links

To the .htaccess file, add the following lines at the top:

<files wp-login.php>
Order deny,allow
Deny from all
allow from xxx.xxx.xxx.xxx
</files>

The “allow from” line needs to be edited, replace the xxx.xxx.xxx.xxx with your Ip. If you want to access the wp-login.php page from several locations, just add more allow from lines with different ip’s. So it looks like:

<files wp-login.php>
Order deny,allow
Deny from all
allow from ip1

allow from ip2

allow from ip,etc
</files>

  1. Next step is to restrict your entire wp-admin folder located inside your root “/” folder. If it’s the first time you are doing this, you won’t find any .htaccess file. Let’s create a new .htaccess file and insert this code inside:

<LIMIT GET>
Order Deny,Allow
Deny from all
allow from xxx.xxx.xxx.xxx
</LIMIT>

Again, you need to replace the xxx.xxx.xxx.xxx with your Ip. Also, same as previously, you can insert several access ip’s 1 per allow from line.

It’s a very easy operation that uses leass strain and page load power. Important, take your time to do it and make sure you insert the correct ip’s in the allow from lines. If you fail to insert the correct ip’s you will loose access to your admin page, not to worry, the issue can be fixed from your hosting control panel or by your hosting provider.

Hope you enjoyed the small tutorial, if you have the time check our top menu WordPress Hosting for Fast & Furious Specialized WordPress Hosting. You will be in good hands.

No Comments yet!