Protect Your Admin folder in WordPress by Limiting Access in .htaccess


Techie Pirate
Annette Flores

While using WordPress 2.8.3, our site was attacked in an attempt to hack into our WP-Admin folder. Thankfully WordPress has found the bug and released a security patch in WordPress 2.8.4, but this attack made us take extra security measures with our site. We have limited access to our wp-admin folder by using .htaccess and assigning specific IPs that can access it. Before some hacker kept resetting our password and that was because they could see our wp-admin folder and see the login bar. Now no one but WPBeginner Editors can see our admin panel. In this article, we will show you how you can limit wp-admin folder access by IP address using .htaccess file.

Protect Your Admin folder in any WordPress website
Joan Leonard

How To Protect Your Admin Folder In WordPress By Limiting Access in .htaccess (Manually)
With plugins, you have limited settings and if one of such plugins itself gets hacked, then your website will become vulnerable as well. Therefore, it is always recommended to take things into your own hand and configure .htaccess file yourself. Furthermore, there are a lot of security measures you can take by inserting code snippets.

Accessing .htaccess File
You would need FTP software to access your files and folders of your website. FileZilla is the best FTP software. Install and open it and then log into your cPanel account. Note that you might see a different .htaccess file in different folders or in the root directory. Do not edit those at all. You have to edit only the .htaccess file residing inside WP-Admin folder. Therefore, move inside WP-Admin folder and spot the .htaccess file. In case you do not have one, you have to create it with the name .htaccess. Make sure that you take a backup of the file before editing it. This is how .htaccess looks like.

Protect Your Admin folder in WordPress by Limiting Access in .htaccess
Jodi Reese

As we mentioned while using WordPress 2.8.3, our site was attacked in an attempt to hack into our WP-Admin folder. Thankfully WordPress has found the bug and released a security patch in WordPress 2.8.4, but this attack made us take extra security measures with our site. We have limited access to our wp-admin folder by using .htaccess and assigning specific IPs that can access it. Before some hacker kept resetting our password and that was because they could see our wp-admin folder and see the login bar. Now no one but WPBeginner Editors can see our admin panel. In this article, we will show you how you can limit wp-admin folder access by IP address using .htaccess file.

Be the first to comment

Leave a Reply

Your email address will not be published.


*