Keeping Your Wordpress Installation Safe with restricted IP access

If you have ever had your Wordpress website hacked into then you know the work involved to clean up a malicious website. In some cases you are left starting all over. To help protect yourself against attacks it is important that you take a few precautions.
 
A quick and easy way to protect your new FastWebHost Wordpress website is by securing your /wp-admin/ directory. You can lock it down by only allowing specific IP addresses to access this directory. So if you were at a random Starbucks that had WiFi you wouldn’t be able to login because their IP address is not on your safe list (unless of course you add them).
 

 
You can use the following .htaccessfile code.
 

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName “Access Control”
AuthType Basic
order deny,allow
deny from all
# whitelist home IP address
allow from 11.222.333.44
# whitelist work IP address
allow from 22.333.333.44
allow from 33.222.333.44
# IP while in Kentucky; delete when back
allow from 44.222.333.44

 
In the above file the random numbers after the “allow from” lines would be replaced with the IP addresses you would like to whitelist. You can find your IP address by going to IPChicken.com
 
A second time you should follow is to make a blank wp-content/plugins/index.html file. This will ensure that no one knows what plugins you are using. Some hackers are able to get into your site by exploiting an out of date plugin.
 
About the Author:

Chris Foerster is an author for My News. Over the course of his career he has consulted for a number of companies to help them with their internet presence.