Admin Security: Added a few lines of code to the htaccess to block ANYONE from accessing the wp-admin except me. (They make plugins for this, I prefer to do it manually) As long as you have a static IP address from your ISP, this works like a charm and nobody can access ANY of your WordPress admin files. (Ben Johnson has a great page on securing WordPressas well)
- Goto your wp-admin FOLDER in your file manager for the website.
- open the .htaccess file (or create one if it does not exist)
- Add the following….
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName “Access Control”
AuthType Basic
order deny,allow
deny from all
# whitelist IP
allow from xx.xx.xxx.xxx - Goto: http://www.whatsmyip.org/ get your IP address, and replace the xx.xx.xxx.xxx in the htaccess code with YOUR OWN IP.
- Save, close, done. Thanks to Matt Cutts for that tip a few years ago!
No comments:
Post a Comment