Blocking access to WordPress admin

Blocking access to your WordPress admin area is a great way to improve the security of your WordPress site. It also helps reduce the load from brute force attempts that slow down your website load time. All you need to to enable this feature it paste some text by editing the .htaccess file.

To block access to your WordPress admin portal, you need to add the following to your .htaccess file:

<Files wp-login.php>

# set up rule order
order deny,allow

# default deny
deny from all

# Thexyz Office Ranges

allow from 10.10.4.0/23
allow from 10.20.4.0/22
allow from 10.20.7.0/24
allow from 10.30.4.0/2
allow from 10.30.2.0/24
allow from 10.30.104.0/24

# Add additional IPs for access here

</Files>

You just need to change the numbers in red to your own IP.

You can find your IP address here.

To further secure your WordPress site, take a look at the complete list of .htaccess snippets to improve WordPress security.

  • 123 Users Found This Useful
Was this answer helpful?

Related Articles

Enabling two-factor authentication

Setting up 2-factor authentication (or 2FA) provides a second line of defense. If your password...

Setup SMS password reset for Webmail

Email password resets for Webmail require SMS verification or Multi-Factor Authentication. If you...

Password Help

Here at Thexyz we take your account security very seriously and want to make it easy for you to...

How To Change Your Webmail Password

A strong and secure password is an essential component of protecting your online accounts,...

How to enable DKIM Authentication on your domain

Protect your Email with DKIM (Domain Keys Identified Mail). DKIM adds a secure signature to your...