When you are running a Wordpress site, the wp-admin folder is where the Administrator settings are stored. Limiting access to this folder by IP address can stop something such as a robot (bot) or script from trying to guess your password over and over again. This will help protect your Wordpress installation.

If you haven't already, we'd suggest checking out our article about the WordPress brute force attack that has recently been going on that prompted this article being written.

In this tutorial we will show you how to allow access to the wp-admin folder by IP address, which will protect your Wordpress installation. This can be accomplished by adding a rule to the .htaccess file.

You will need to know your IP address, so that you can 'allow' it. If you do not know your IP address, here is a link to an article on how to find it.

Allow Access by IP:

  1. Using FTP or the File manager, edit the .htaccess file located in the /wp-admin folder.
  2. Add the following lines to your .htaccess file, and update with your specific IP address, or the IP addresses you want to 'allow'.

    order deny,allow 
    deny from all
    # Whitelist IP #1 
    allow from 192.16.145.862
    # Whitelist IP #2 
    allow from 192.16.145.863 
    # Whitelist IP #3 
    allow from 192.16.145.864

    Save the .htaccess file. Now, if someone tries to access your wp-admin folder, and their IP is not on this allow list, they will get a 500 error:
    internal server error

 

Congratulations, now you know how to protect your Wordpress admin area by allowing access to the wp-admin folder by IP address!

 

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve our Help Center:
Email Address
Optional, but our team may contact you for more information.
Did you find this article helpful?

Post a Comment

Name:
Email Address:
Comment:
Are you a bot?
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

News / Announcements

Update to SSL Certificates - Certificate Warnings
1969-12-31 11:00 am EST
Hits: 624
What is the Heartbleed bug?
1969-12-31 11:00 am EST
Hits: 234

Wordpress Security

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!

Help Center Search

Current Customers

Email: support@WebHostingHub.com Ticket: Submit a Support Ticket
Call: 877-595-4HUB (4482)
757-416-6627 (Intl.)
Chat: Click To Chat Now

Ask the Community

Get help with your questions from our community of like-minded hosting users and Web Hosting Hub Staff.

Not a Customer?

Get web hosting from a company that is here to help.