Login
Menu

How To Restrict Access To WP-Admin For Preventing Malicious Attacks?

Home / How To Restrict Access To WP-Admin For Preventing Malicious Attacks?

How To Restrict Access To WP-Admin For Preventing Malicious Attacks?

While the internet is a nice platform for establishing a powerful on-line identity it also brings plenty of perils. Some time ago, people have witnessed one among the most important DDos attacks within the history of web. we tend to also heard about the WordPress web site being targeted by the hackers. These items bring forth insecurity within the minds of the many web site ownerswho run their websites with the WordPress CMS.

WordPress is one among the foremost popular content management systems that’s used for web site / blog creation. Approximately, 17% of the websites are supercharged by WordPress these days. This has offered a bigger platform for the people with dangerous intentions to plan activities like DDoS attacks and web site hacking.

How are you able to safeguard your WordPress web site against the hackers making an attempt to crack into your WordPress login credentials?

There are some ways so as to strengthen the security of your WordPress web site. Here is an insight on the foremost crucial ways:

You can use a plugin called ‘Limit Login Attempts’ that limits the number of login tries made to your web site. This plugin permits you to set a most limit of unsuccessful login attempts from any specific IP and intimates you about the failed attempts. During this method you’re aware about any malicious activity which may occurs on your web site in the future.

Another technique of eliminating the unauthorized access is by limiting the login access altogether. This will be done by ‘White listing’ certain IP addresses that are well-known to you and blocking all the other IP addresses.

Below are the steps that you need to follow:

Step 1: Navigate to the root of the WordPress installation on the server and find a folder named – ‘wp-content’

Step 2 : Edit the .htaccess file by adding the commands given below:

<Directory /wp-admin >
<files wp-login.php>
AllowOverride None
order deny,allow
# whitelist
allow from xxx.xxx.xxx.xxx (IP 1)
allow from xxx.xxx.xxx.xxx (IP 2)
allow from xxx.xxx.xxx.xxx (IP 3)
deny from all
</files>
</Directory>

Note : Remove the IP1, IP2 and IP3 from the code. Similarly, you can add as several IP addresses as you want.

This is a little step that proves to be very useful in terms of the protection of your WordPress web site. With the assistance of this small modification, only the authorized IP addresses will be able to access the WP-Admin page.

Other necessary tips for safeguarding your WordPress web site / blog:

  • Use a complicated username that can’t be considered simply
  • Use a complicated password, that contains of a combination of numbers, letters in character and graphic symbol and a few special characters. You’ll be able to also take the help of on-line password generators which will generate a complicated password for you.