How to Restrict access to admin page on your wordpress

Many Times I saw multiple login attempts with unsuccessful login. I am the only author on my wordpress. Then who the hell is trying to login to my website’s admin panel and why?

Are these hackers? What can be done to prevent login to your wordpress? Restrict access to admin page to protect your site.

Initially I installed jetpack which block the user after 3 unsuccessful login attempts and trigger me mail with the IP address. This help me know that somebody from given IP tried to login to my site.

What next? If somebody keep trying to login from different IP address, then how will you prevent? Next step would be to restrict access to admin page.

If you are the only author / editor / administrator or person who can access to your admin page, you can allow access to your IP address by mentioning it in your .htaccess file.

In this case, only your IP address will be allowed to login

Check your IP

You can check your IP address using apps available online. You can search through google.

Edit .htaccess

Insert this line in your .htaccess file –

# IP restriction code
<Files wp-login.php>
Order Deny,Allow
Deny from all
Allow from YOUR IP

Above code will allow your IP address to login thru your admin page

You can add as many IP address you want in this file to allow IP addresses to login to your dashboard.

More Plugins –

There are many plugins available to protect your site from hacker’ login attempts if you are not comfortable editing code

1 – Ban IP addresses – WP Ban, IP Ban

2 – Limit Login attempts

Bonus Tip –

Do you know, hackers access your xml-rpc file to enter to your site. Read here – How to block access your website xml-rpc file.

Read More – Install wordpress for beginners

That’s it

Facebook Comments