Adding IP address Allow to admin

Home Forums BulletProof Security Free Adding IP address Allow to admin

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #30984
    Oliver
    Participant

    Hi there,

    I am wanting to add IP address block and allow to my website as I am experiencing brute force login attempts pretty rgularly now. Your plugin is doing an amazing job of keeping them out for now (login attempts block) but I fear eventually they will succeed. Having looked at the advice on the internet, it seems that adding IP address allow (for me only) and deny rest then this should be a good thing to do. Here is the advice on what to add to my admin .htaccess:

    # Block access to wp-admin.
    order deny,allow
    allow from x.x.x.x
    deny from all

    If your theme or plugins use AJAX, you will most likely need to add an additional group of settings to your .htaccess so that functionality continues to work:

    # Allow access to wp-admin/admin-ajax.php
    <Files admin-ajax.php>
    Order allow,deny
    Allow from all
    Satisfy any
    </Files>

    Having looked at the BPS generated .htaccess, it seems that there might be something already along those lines. Is this the case or should I add the above to the file?

    #30988
    AITpro Admin
    Keymaster

    See this Bonus Custom Code forum topic:  http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/ for how to “Protect wp-login.php from Brute Force Login Attacks based on IP Address”.  If you are using the standard/default wp-login.php page to process logins then all logins go through/are processed by wp-login.php.  ie if you go to the  /wp-admin/ URI and try to login, that login is processed by wp-login.php.

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.