Restrict login and registrations access

  • Resolved pete_398

    (@pete_398)


    13 years, 8 months ago

    We don’t allow registrations or comments, simply use WordPress for posting articles. We didn’t want anyone trying to login or to register, so this mod rewrite did the trick

    Options +FollowSymLinks
RewriteEngine on
#
RewriteCond %{REMOTE_ADDR} !^your\.ip\.add\.ress$
RewriteRule ^(wp-login|wp-register)\.php?$ - [F]

    Simply replace “your\.ip\.add\.ress” with your IP address, and then ONLY you can login.

    It returns a 403 if anyone attempts to login or register. Add other files as needed.

    Now to the request. It is already defined in WordPress that we have turned off new registrations. Simply use that config setting to return a 403, or similar if defined by the user.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    Bear in mind that if your IP changes, you can’t get in.

    Better would be to disable comments and registration on the site. It’s a built in option.

    Thread Starter pete_398

    (@pete_398)

    Bear in mind that if your IP changes, you can’t get in.

    That’s obvious. My IP is dedicated, I can change if it need be for no fees, and I don’t have any need at all to access the website whilst away (i.e. when an IP address may change for example).

    Better would be to disable comments and registration on the site. It’s a built in option.

    Disabling on those 2 functions was already done, but it doesn’t stop anyone trying to access those 2 files. The mod_rewrite does. ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Restrict login and registrations access’ is closed to new replies.