Block wpadmin… blocks access to web for everyone else

  • [ Moved to the Fixing WordPress sub-forum. ]

    I have a fixed IP and I am interested in preventing access to wpadmin. I have studied the codex regarding the .htaccess lines to block access to wpadmin. I am sure I have missed something.

    # Block access to wp-admin.
    order deny,allow
    allow from x.x.x.x
    deny from all

    This works but also stops any access just to the website urls (ie all web users except from my ip) as well. Where does it say just to wp-admin?

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi Patbell,

    Try this:
    <FilesMatch wp-login.php>
    Order Allow,Deny
    Allow from XXX.XX.XXX
    </FilesMatch>

    That would need to go inside “wp-admin” folder, so it only applies to that folder.

    You can try something like this inside your main .htaccess:

    <IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^111\.111\.111\.111$
RewriteRule ^(.*)$ - [R=403,L]
</IfModule>

    This will block access to wp-admin and wp-login unless IP matches.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Block wpadmin… blocks access to web for everyone else’ is closed to new replies.