[Lesson 3] Restrict Access To Wp-Admin

wp-admin is the cockpit of your WordPress. You can control your whole website from the wp-admin area. This is one central area of your website that holds supreme powers. And, hence the desired target.

Now, restricting access and disabling user registration can help secure your wp-admin from hackers. Learn the step-by-step process here.

Restrict Access To wp-admin

Allowing only a select IP can resist hacker’s IP  from reaching your website.

Here is how you can restrict others from accessing your website.

Step 1 – Connect to your website through an FTP client

Step  2 – Navigate to public_html directory>wp-admin

Step 3 – Create a .htaccess file there

Step 4 – Paste the following code there and save it-

Order, Deny, Allow
Deny from all
Allow from xx.xx.xx.xx

Edit the “Allow from” line to allow your IP address. For multiple IP whitelisting, repeat the “Allow from” in the next line and so on.

Disable User Registration

Usually, there is a Register link on your WordPress login page. You can disable this Registration form to discourage access to wp-admin.

This will redirect visitors to the standard login form if they try to access the registration form after being shown an error message.

To disable user registration on your WordPress, follow the next steps:

Step 1 – Go to your WP dash>general>settings

Step 2 – Uncheck ‘Anyone can register’ option from there.

Step 3 – Save the changes.

And, you are good to go.

Psst! Hi there. We’re Astra.

We make security simple and hassle-free for thousands
of websites and businesses worldwide.

Our suite of security products include firewall, malware scanner and security audits to protect your site from the
evil forces on the internet, even when you sleep.

earth spiders cards bugs spiders

Made with ❤️ in USA France India Germany