Protect Your WordPress Admin with .htaccess

Protect Your WordPress Admin with .htaccess

How to protect my WordPress Admin using the .htaccess file.

In my previous article I discussed WHERE IS THE .HTACCESS FILE LOCATED – if you not familiar with where the .htaccess file is located on your server I suggest you go and read this article first.

If you are using WordPress in Multisite Network setup and you do not have to many additional administrators logging with deferent IP addresses –  this option will work for you as well.

Its always  best to lock the world out of the Admin area which in turn secures your Admin area from hacking. This is surely not an absolute way of preventing hacking but it will make it much harder for then to gain access. Also remember you need to have a static IP address or other wise you will have to constantly change the IP Addresses via cPanel’s “File Manager“.

You can use .htaccess to protect your WordPress admin area by limiting the access to selected IP addresses only. Simply copy and paste this code into your .htaccess file:

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "WordPress Admin Access Control"
AuthType Basic
order deny,allow
deny from all
# whitelist Syed's IP address
allow from
# whitelist David's IP address
allow from

Don’t forget to replace xx.xx.xx.xxxwith your own Static IP address. If you use more than one IP address to access the INTERNET, then make sure you add them as well. If you only using one IP address please remove the extra allow from


About the Author

Get your WebsiteUP today - ask us how?

Tomtechy @ Website UP
Get your WebsiteUP today - ash us how