How to limit access to your login page by IP

We have already shown you how to make your WordPress installation a little bit more secure by restricting unwanted visitors to your login page.

In today’s article, we’re going to show you how to limit access to your WordPress dashboard by IP address. First, you’ll have to know your IP address and make sure that you have a static one. If you have a dynamic IP address, i.e. if you get a new IP address every now and then, this limitation will be useless because you will restrict yourself from logging in. This method is a great security option if you work only from one computer with a static address and don’t have the need for accessing your dashboard from any other location.

There are two different ways of limiting access to one or multiple IP addresses. First, there is a simple method by placing a few lines of code in your .htaccess file while the other one requires you to install a plugin and enter your IP address.

Limit access via .htaccess file:

  1. Navigate to your .htaccess file (or create one if you don’t have one already)
  2. Open the file and c/p the following code:
  3. order deny,allow
    allow from 127.127.2.11
    deny from all
  4. Change the IP address to your own IP address
  5. Add multiple addresses if needed.
  6. If you want to allow multiple addresses, simply repeat the “allow from 127.127.2.11” line as many times as needed, but don’t forget to change IP addresses.

  7. Save the file

After you have saved the changes, you’re able to access your WP login page only from IP address you chose.

If you want to ban some IP address, you should enter those to “deny from” line.

IMPORTANT: you most probably don’t have a static IP address (most of us don’t) so don’t be surprised when you can’t access your admin in 1-2 days. It’s just because your IP has changed and it’s not whitelisted.

Use a plugin:

Restricted Site Access

PRICE: Free

Restricted Site Access plugin

This simple plugin will allow you to control access to your site without entering a single line of code or messing with files on your server. You can limit access to your site for people who are logged in or choose IP address which will be allowed to connect to your site. For unauthorized access, you can choose to display a message or redirect that user to login page, some other address or to the page you create in WordPress.

  1. Go to Plugins -> Add new
  2. Search for “Restricted Site Access”
  3. Install and activate the plugin
  4. Navigate to Plugins – Installed Plugins and go to settings
  5. Write down IP address which you want to allow
  6. Choose how the plugin will deal with unauthorized access

 

Simple IP Ban

PRICE: Free

IP Ban plugin

With Simple IP Ban, you can easily restrict specific IP addresses from getting to your site. If you don’t want to mess with the .htaccess file, use this plugin and ban user by IP address in just a few clicks.

  1. Navigate to Plugins-> Add new
  2. Find “Simple IP Band, install and activate the plugin
  3. Under settings, enter IP address and User Agent List you want to ban
  4. Choose if you want to add a redirect page for banned users
  5. Save settings

Need more security options for your website? Check out how Security Ninja plugin can help you.

If you want to learn more about WordPress, browse through our WordPress tutorials and other useful resources that will help you become a better webmaster.

START YOUR OWN BLOG

This guide is an introduction to mastering the art of blogging. It provides easy to follow steps to start, maintain, and grow your blog.

Read the guide

Leave a Reply

Your email address will not be published. Required fields are marked *