Weekend Wordpress Security Tip: Restrict Your Wp-Admin

Although this security issue may be fixed in newer versions of Wordpress, your truly screwed if your password gets cracked by a hacker. Since Wordpress only requires one to get all the administrative privileges to your blog, it would be best to limit the /wp-admin/ folder to just yourself (by your IP address, see below). How you might ask? With .htaccess files.

The Fix:

*Note* – If you have a dynamic IP (meaning that your IP changes from time to time), this method will not work for you.. You could block yourself out of your own blog!

1. First, Determine your IP address from any free service, such as: WhatIsMyIp.com
2. Second, Download your .htaccess file from your blog server in the /wp-admin/ folder (Do NOT Replace it on your blog directory.. Only in the Wp-Admin Folder) and open it with Notepad++ (A free utility that makes coding and code editing a breeze).
3. Add the following code to the file:
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName “Example Access Control”
AuthType Basic
<LIMIT GET>
order deny,allow
deny from all
allow from xxx.xx.xx.xxx
</LIMIT>
4. Replace xxx.xx.xx.xxx with your IP address you found on the WhatIsMyIp.com website
5. Save the file and reupload to your server, and you should have full access to your blog, but nobody else will because they don’t have your IP.

Now you have one less thing to worry about in terms of security, hope you’ve enjoyed this Saturday tutorial!

Credits: http://www.reubenyau.com/

Disclaimer: Brad Blogging is not responsible for, and expressly disclaims all liability for, damages of any kind arising out of use, reference to, or reliance on any information contained within the site. While the information contained within the site is periodically updated, no guarantee is given that the information provided on this website is correct, complete, and up-to-date.

Related posts:

  1. Weekend Wordpress Security Tip: Index.html
  2. Saturday Weekend Security Tip: Remove This Useless Tag
  3. Weekend Wordpress Security Tip: What To Do When Your Blog Is H4CK3D
This entry was posted in Web Security and tagged , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Enjoy this post? Theres more to come, so click here to subscribe to our RSS Feed.

3 Comments

  1. Armand
    Posted August 24, 2008 at 6:08 am | Permalink

    Cool, but it seems can’t work for me because I don’t have a dedicated IP address. In other words, my IP is dynamically changed. But this is a good tip to protect our wp blog.

    Armand’s last blog post..Google Adsense Website Temporarily Down

    Reply
  2. bradblog
    Posted August 24, 2008 at 6:51 am | Permalink

    @ Armand – Yea, No system is perfect, but since I have a dedicated IP, it works out well. I thought I’d pass the info on to someone that has a dedicated IP for some extra security :)

    Reply
  3. Justin Wright
    Posted August 25, 2008 at 10:39 am | Permalink

    Yeah that seems like a good way to prevent hackers. Unfortunetly it would not work for me since I write my blog posts from all over the place. I rarely use the same ip, or laptop for that matter. But it is still a goot idea.

    Reply

One Trackback

  1. By Saturday Weekend Security Tip: Remove This Useless Tag | Brad Blogging on August 30, 2008 at 3:20 am

    [...] it up in Notepad++ (That I Recommended Last Post) and find the line that says: meta name=”generator” content=”WordPress <php [...]

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

CommentLuv Enabled

675 RSS Subscribers

Subscribe today to recieve any updates on this blog for free!

You'll also receive, "The Blog Manual" free of charge for being a subscriber which you can download at the bottom of each post.

 


Blog Advertisers

Popular Articles

Blog Categories

  • Advertising & Blogs
  • Article Readability
  • Asides
  • Blog Comments
  • Blog Design
  • Blog Loading Speed
  • Contemplation
  • Featured Posts
  • How To
  • Increase Readers
  • Increase Traffic
  • Interviews
  • Jquery Tools
  • Previous Contests
  • Tutorials
  • Unique Widgets
  • Web Security
  • Website Reviews
  • Wordpress Coding
  • Wordpress Templates

    • Recent Comments

  • Jonny said: As usual you are right Brad I think I should pay more attention to headlines looking back at some...

    • [Link]

  • SEO said: Exactly proper marketing can get an article attention, one of proper marketing encompasses the...

    • [Link]

  • Ganesh Iyer said: Apart from having an interesting title, the content of the article should be absorbing. This...

    • [Link]

  • George Angus said: Brad, Great stuff. Looking forward to the next in the series. Headlines (titles) are...

    • [Link]

  • LittleWebThings said: Many of these entries have been useful to me over the years! Thanks for creating this...

    • [Link]

    About The Author

    Brad Ney

    I am a Wordpress enthusiast, part-time website designer, and enjoy using the latest technology via the internet for website promotion.I enjoy writing about startup websites, XHTML, CSS, Wordpress based on what I've learned in the industry.

    Reader Poll

    • Are you a...

      View Results

      Loading ... Loading ...