[WordPress-Tweak] How To White-List IP Addresses

How to whitelist IP addresses in #WordPress to restrict login access

[WordPress-Tweak] How To White-List IP Addresses
5 (99.23%) 26 votes

If you own a self-hosted WordPress blog, The major security factor is login protections. So you have to follow up plethora measure to do it. But not now? All you need to do is to whitelist a specific IP address to log in to the dashboard. This simple tweak can protect your blog/site from being hacked.

How to whitelist IP addresses in #WordPress to restrict login access

The main use of this feature is that the core files allows only a specific IP to have login access. This improves the security performance of the wordpress site. Working on a server level, This feature won’t allows any kind of login authorizations and won’t even lets the default login page to appear. So if you don’t mind to copy, change and paste a few lines of codes to secure your site.

Advantages

  • Is easy to implement.
  • Enables you to control who accesses your website.
  • Is more effective than implementing login security measures.

Disadvantages

  • You might face plethora problems if the site is based up with a huge team.

How To Whitelist IP-Addresses For The Login Page Manually!

So before we get into the guide, make sure to have a complete backup of your site. So that if you done any mistake you can manually restore all the changes. Now get the list of all the “IP Addresses” ready. To grab your systems IP, Just use this simple tool ” IP Location Finder“.

Once you got all the IP Addresses ready, Just grab the below code and replace the “IP_ADDRESS_ONE & IP_ADDRESS_TWO” with your computer’s address.

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^IP_ADDRESS_ONE$
RewriteCond %{REMOTE_ADDR} !^IP_ADDRESS_TWO$
RewriteRule ^(.*)$ - [R=403,L]
</IfModule>

Now that if you have done all correct, The code should look something like this.

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^190.36.268.21$
RewriteCond %{REMOTE_ADDR} !^190.43.281.27$
RewriteCond %{REMOTE_ADDR} !^190.67.302.44$
RewriteRule ^(.*)$ - [R=403,L]
</IfModule>

Once the code snippet is ready, All you need to do is just paste this code into the .htaccess file. You can easily find this file in the default directory. Which is often known as “public_html or is named with your domain name“.How To Whitelist IP-Addresses For The Login Page Manually!

This is how one can easily whitelist IP addresses in #WordPress to restrict login access to other ip’s. Hope you found this post useful. Make sure to express your views in the comments section below.

Related Articles

4 thoughts on “[WordPress-Tweak] How To White-List IP Addresses”

  1. It’s difficult to find well-informed people for this subject,
    however, you sound like you know what you’re talking about!
    Thanks

Leave a Reply

Your email address will not be published. Required fields are marked *

Close